vii
Failed to request local certificates ·········································································································· 262
Failed to retrieve CRLs ·························································································································· 263
Managing public keys ················································································· 264
FIPS compliance ············································································································································ 264
Configuration task list ····································································································································· 265
Creating a local asymmetric key pair ············································································································· 265
Displaying or exporting the local host public key ··························································································· 266
Displaying and recording the host public key information ·············································································· 267
Displaying the host public key in a specific format and saving it to a file ······················································· 267
Exporting the host public key in a specific format to a file ············································································· 267
Destroying a local asymmetric key pair ········································································································· 268
Configuring the local RSA key pair for certificate request ·············································································· 268
Exporting an RSA key pair ····························································································································· 268
Importing an RSA key pair ····························································································································· 269
Specifying the peer public key on the local device ························································································ 269
Displaying public keys ···································································································································· 270
Public key configuration examples ················································································································· 270
Manually specifying the peer public key on the local device ·································································· 270
Importing a public key from a public key file ·························································································· 272
Exporting and importing an RSA key pair ······························································································ 275
Configuring RSH ························································································· 278
Configuration prerequisites ···························································································································· 278
Configuration procedure ································································································································ 278
RSH configuration example ··························································································································· 278
Configuring portal authentication ································································ 281
Overview ························································································································································ 281
Extended portal functions ······················································································································· 281
Portal system components ····················································································································· 281
Portal system using the local portal server ···························································································· 283
Portal authentication modes ··················································································································· 284
Portal support for EAP ··························································································································· 285
Layer 2 portal authentication process ···································································································· 285
Layer 3 portal authentication process ···································································································· 286
Portal authentication across VPNs ········································································································· 290
Portal configuration task list ··························································································································· 290
Configuration prerequisites ···························································································································· 292
Specifying the portal server ··························································································································· 292
Specifying the local portal server for Layer 2 portal authentication ························································ 292
Specifying a portal server for Layer 3 portal authentication ··································································· 293
Configuring the local portal server ················································································································· 294
Customizing authentication pages ········································································································· 294
Configuring the local portal server ········································································································· 297
Enabling portal authentication ························································································································ 298
Enabling Layer 2 portal authentication ··································································································· 298
Enabling Layer 3 portal authentication ··································································································· 298
Controlling access of portal users ·················································································································· 299
Configuring a portal-free rule ················································································································· 299
Configuring an authentication source subnet ························································································· 300
Configuring an authentication destination subnet ·················································································· 301
Setting the maximum number of online portal users ·············································································· 301
Specifying an authentication domain for portal users ············································································ 301
Configuring Layer 2 portal authentication to support Web proxy ··························································· 302
Enabling support for portal user moving ································································································ 303
Configuring RADIUS related attributes ·········································································································· 303
Specifying NAS-Port-Type for an interface ···························································································· 304
Specifying the NAS-Port-ID for an interface ··························································································· 304
Specifying a NAS ID profile for an interface ··························································································· 304
Specifying a source IP address for outgoing portal packets ·········································································· 305
Specifying an autoredirection URL for authenticated portal users ································································· 306
To Next Page
Loading...
