EasyManuals Logo

Cisco ASR 1000 Series User Manual

Cisco ASR 1000 Series
72 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #41 background imageLoading...
Page #41 background image
Page 41 of 72
Or
TOE-common-criteria (config-isakmp)# authentication ecdsa-sig
And for IKEv2 with the commands:
TOE-common-criteria (config)#crypto ikev2 profile sample
TOE-common-criteria(config-ikev2-profile)#authentication [remote | local] rsa-sig
or
TOE-common-criteria(config-ikev2-profile)#authentication [remote | local] ecdsa-sig
If an invalid certificate is loaded, authentication will not succeed.
4.6.4.10 Deleting Certificates
If the need arises, certificates that are saved on the router can be deleted. The router saves its
own certificates and the certificate of the CA.
To delete the router's certificate from the router's configuration, the following commands can be
used in global configuration mode:
Router# show crypto ca certificates [Displays the certificates stored on router]
Router(config)# crypto ca certificate chain name [Enters certificate chain configuration mode]
Router(config-cert-cha)# no certificate certificate-serial-number [deletes the certificate]
To delete the CA's certificate, the entire CA identity must be removed, which also removes all
certificates associated with the CArouter's certificate and the CA certificate. To remove a CA
identity, the following command in global configuration mode can be used:
Router(config)# no crypto ca identity name [Deletes all identity information and certificates
associated with the CA]
4.6.5 Information Flow Policies
The TOE may be configured by the privileged administrators for information flow control/
firewall rules as well as VPN capabilities using the access control functionality. Configuration
of information flow policies is restricted to the privileged administrator.
The VPNGW Extended Package requires that the TOE be able to support options for information
flow policies that include discarding, bypassing, and protecting. On the TOE, an authorized
administrator can define the traffic rules on the box by configuring access lists (with permit,
deny, and/or log actions) and applying these access lists to interfaces using access and crypto
map sets:

Table of Contents

Other manuals for Cisco ASR 1000 Series

Preview: Software Configuration Guide
Software Configuration Guide602 pages
Preview: Configuration Guide
Configuration Guide126 pages
Preview: Replacing
Replacing120 pages
Preview: Hardware Installation Guide
Hardware Installation Guide594 pages
Preview: Installation And Configuration Guide
Installation And Configuration Guide292 pages
Preview: Quick Start Guide
Quick Start Guide48 pages
Preview: Hardware Installation And Configuration Guide
Hardware Installation And Configuration Guide32 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASR 1000 Series and is the answer not in the manual?

Cisco ASR 1000 Series Specifications

General IconGeneral
SeriesASR 1000
CategoryNetwork Router
Operating SystemCisco IOS XE
MemoryUp to 64 GB
Interfaces10 Gigabit Ethernet
Power SupplyAC or DC options
DimensionsVaries by model
EncryptionIPsec, SSL
StorageVaries by model
Operating Temperature32°F to 104°F (0°C to 40°C)
Humidity5% to 95% non-condensing
MTBFVaries by model

Related product manuals