EasyManuals Logo

Cisco ASR 1004 User Manual

Cisco ASR 1004
72 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #41 background imageLoading...
Page #41 background image
Page 41 of 72
Or
TOE-common-criteria (config-isakmp)# authentication ecdsa-sig
And for IKEv2 with the commands:
TOE-common-criteria (config)#crypto ikev2 profile sample
TOE-common-criteria(config-ikev2-profile)#authentication [remote | local] rsa-sig
or
TOE-common-criteria(config-ikev2-profile)#authentication [remote | local] ecdsa-sig
If an invalid certificate is loaded, authentication will not succeed.
4.6.4.10 Deleting Certificates
If the need arises, certificates that are saved on the router can be deleted. The router saves its
own certificates and the certificate of the CA.
To delete the router's certificate from the router's configuration, the following commands can be
used in global configuration mode:
Router# show crypto ca certificates [Displays the certificates stored on router]
Router(config)# crypto ca certificate chain name [Enters certificate chain configuration mode]
Router(config-cert-cha)# no certificate certificate-serial-number [deletes the certificate]
To delete the CA's certificate, the entire CA identity must be removed, which also removes all
certificates associated with the CArouter's certificate and the CA certificate. To remove a CA
identity, the following command in global configuration mode can be used:
Router(config)# no crypto ca identity name [Deletes all identity information and certificates
associated with the CA]
4.6.5 Information Flow Policies
The TOE may be configured by the privileged administrators for information flow control/
firewall rules as well as VPN capabilities using the access control functionality. Configuration
of information flow policies is restricted to the privileged administrator.
The VPNGW Extended Package requires that the TOE be able to support options for information
flow policies that include discarding, bypassing, and protecting. On the TOE, an authorized
administrator can define the traffic rules on the box by configuring access lists (with permit,
deny, and/or log actions) and applying these access lists to interfaces using access and crypto
map sets:

Table of Contents

Other manuals for Cisco ASR 1004

Preview: Replacing
Replacing120 pages
Preview: Hardware Installation Guide
Hardware Installation Guide702 pages
Preview: Quick Start Guide
Quick Start Guide38 pages
Preview: Overview And Installation
Overview And Installation38 pages
Preview: Install Guide
Install Guide32 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASR 1004 and is the answer not in the manual?

Cisco ASR 1004 Specifications

General IconGeneral
Product TypeRouter
Form FactorRack-mountable
Rack Height2U
Forwarding CapacityUp to 20 Gbps
Total Number of PortsVaries by configuration
Number of Total Expansion Slots4
Product SeriesASR 1000
ModelASR 1004
Forwarding PerformanceUp to 20 Gbps
Operating SystemCisco IOS XE
Power SupplyDual
Route ProcessorASR 1000 Series Route Processor
Network Interface ModulesSFP, SFP+, Gigabit Ethernet, 10 Gigabit Ethernet
Interfaces/PortsVaries by configuration
Expansion Slot TypeSPA
Throughput20 Gbps
RedundancyPower supply, Route Processor
InterfacesGigabit Ethernet, 10 Gigabit Ethernet, SFP, SFP+
StorageUp to 64 GB Flash

Related product manuals