EasyManuals Logo
Home>HPE>Network Router>FlexNetwork MSR Series

HPE FlexNetwork MSR Series Comware 5 Security Configuration Guide

HPE FlexNetwork MSR Series
547 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #272 background imageLoading...
Page #272 background image
259
[RouterA-pki-entity-en] ip 2.2.2.1
[RouterA-pki-entity-en] common-name routera
[RouterA-pki-entity-en] quit
# Configure the PKI domain. The URL of the registration server varies with the CA server.
[RouterA] pki domain 1
[RouterA-pki-domain-1] ca identifier CA1
[RouterA-pki-domain-1] certificate request url
http://1.1.1.100/certsrv/mscep/mscep.dll
[RouterA-pki-domain-1] certificate request entity en
[RouterA-pki-domain-1] ldap-server ip 1.1.1.102
# Set the registration authority to RA.
[RouterA-pki-domain-1] certificate request from ra
# Configure the CRL distribution URL. This is not necessary if CRL checking is disabled.
[RouterA-pki-domain-1] crl url ldap://1.1.1.102
[RouterA-pki-domain-1] quit
# Create a local key pair using RSA.
[RouterA] public-key local create rsa
# Request a certificate.
[RouterA] pki retrieval-certificate ca domain 1
[RouterA] pki retrieval-crl domain 1
[RouterA] pki request-certificate domain 1
# Configure IKE proposal 1, using RSA signature for identity authentication.
[RouterA] ike proposal 1
[RouterA-ike-proposal-1] authentication-method rsa-signature
[RouterA-ike-proposal-1] quit
# Specify the PKI domain for the IKE peer.
[RouterA] ike peer peer
[RouterA-ike-peer-peer] certificate domain 1
2. Configure Router B:
# Configure the entity DN.
<RouterB> system-view
[RouterB] pki entity en
[RouterB-pki-entity-en] ip 3.3.3.1
[RouterB-pki-entity-en] common-name routerb
[RouterB-pki-entity-en] quit
# Configure the PKI domain. The URL of the registration server varies with the CA server.
[RouterB] pki domain 1
[RouterB-pki-domain-1] ca identifier CA1
[RouterB-pki-domain-1] certificate request url
http://1.1.1.100/certsrv/mscep/mscep.dll
[RouterB-pki-domain-1] certificate request entity en
[RouterB-pki-domain-1] ldap-server ip 1.1.1.102
# Set the registration authority to RA.
[RouterB-pki-domain-1] certificate request from ra
# Configure the CRL distribution URL. This is not necessary if CRL checking is disabled.
[RouterB-pki-domain-1] crl url ldap://1.1.1.102
[RouterB-pki-domain-1] quit

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Preview: Configuration Guide
Configuration Guide861 pages
Preview: Comware 7 Layer 3 - Ip Services Configuration Guides
Comware 7 Layer 3 - Ip Services Configuration Guides554 pages
Preview: Guide
Guide213 pages
Preview: Command Reference
Command Reference120 pages
Preview: Comware 5 Layer 2 - Wan Access Configuration Guide
Comware 5 Layer 2 - Wan Access Configuration Guide420 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork MSR Series and is the answer not in the manual?

HPE FlexNetwork MSR Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork MSR Series
CategoryNetwork Router
LanguageEnglish

Related product manuals