Netgear FVS114 User Manual download pdf (Page 110)

Reference Manual for the ProSafe VPN Firewall FVS114

6-22 Advanced Virtual Private Networking

202-10098-01, April 2005

FVS114 Scenario 2: FVS114 to FVS114 with RSA Certificates

The following is a typical gateway-to-gateway VPN that uses Public Key Infrastructure x.509

(PKIX) certificates for authentication. The network setup is identical to the one given in

Scenario 1. The IKE Phase 1 and Phase 2 parameters are identical to the ones given in Scenario 1,

with the exception that the identification is done with signatures authenticated by PKIX

certificates.

Note: Before completing this configuration scenario, make sure the correct Time Zone is set on the

FVS114. For instructions on this topic, see “Time Zone” on page 4-14.

1. Obtain a root certificate.

a. Obtain the root certificate (that includes the public key) from a Certificate Authority (CA)

Note: The procedure for obtaining certificates differs from a CA like Verisign and a CA

such as a Windows 2000 certificate server, which an organization operates for providing

certificates for its members. For example, an administrator of a Windows 2000 certificate

server might provide it to you via e-mail.

b. Save the certificate as a text file called trust.txt.

2. Install the trusted CA certificate for the Trusted Root CA.

a. Log in to the FVS114.

b. From the main menu VPN section, click the CAs link.

c. Click Add to add a CA.

d. Click Browse to locate the trust.txt file.

e. Click Upload.

3. Create a certificate request for the FVS114.

a. From the main menu VPN section, click the Certificates link.

1 2 ... 105 106 107 108 109 110 111 112 113 114 115 ... 211 212

No comments

Netgear FVS114 User Manual Page 110