RootCertificates=my_root_cert
GatewayCertificate=my_gateway_cert
Web Interface
First create an ID List:
1. Go to: Objects > VPN Objects > IKE ID Lists > Add > ID List
2. Enter a name for the list, for example my_id_list
3. Click OK
Then, add an ID list to this ID list:
1. Go to: Objects > VPN Objects > IKE ID Lists > Add > ID List
2. Select my_id_list
3. Enter a name for the ID, for example JohnDoe
4. Select Distinguished name in the Type control
5. Now enter:
• Common Name: John Doe
• Organization Name: D-Link
• Organizational Unit: Support
• Country: Sweden
• Email Address: john.doe@D-Link.com
6. Click OK
Finally, apply the Identification List to the IPsec tunnel:
1. Go to: Network > Interfaces and VPN > IPsec
2. Select the IPsec tunnel object of interest
3. Under the Authentication tab, choose X.509 Certificate
4. Select the appropriate certificate in the Root Certificate(s) and Gateway Certificate
controls - For a certificate chain, all intermediate certificates must be loaded as root
certificates.
5. Select my_id_list in the Identification List
6. Click OK
9.3.9. DiffServ with IPsec
The Differentiated Services (diffserv) field in a packet can be used by network equipment to
Chapter 9: VPN
699
To Next Page
Loading...
