a. From the navigation tree, select Certificate Management > Entity.
b. Click Add.
c. Enter en as the PKI entity name, enter router-b as the common name, and enter 3.3.3.1 as
the IP address of the entity.
d. Click Apply.
2. Create a PKI domain:
a. From the navigation tree, select Certificate Management > Domain.
b. Click Add.
The configuration page appears.
c. In the upper area of the page, enter 1 as the PKI domain name, enter CA2 as the CA
identifier, select en as the local entity, select RA as the authority for certificate request,
enter http://2.1.1.100/certsrv/mscep/mscep.dll as the URL for certificate request (the RA
URL given here is just an example. Configure the RA URL as required), enter 2.1.1.102 as
the IP address of the LDAP server and 389 as the port number, select 2 as the version
number, and select Manual as the certificate request mode.
d. Click the expansion button before Advanced Configuration to display the advanced
configuration items.
e. In the advanced configuration area, click the Enable CRL Checking box and enter
ldap://2.1.1.102 as the URL for CRLs.
f. Click Apply.
The system displays "Fingerprint of the root certificate not specified. No root certificate
validation will occur. Continue?"
g. Click OK to confirm.
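The warning in step f is the security-relevant point of this step: with no root certificate fingerprint configured in the PKI domain, the device will accept whatever CA certificate it retrieves in step 4 without checking it against a value the administrator obtained out of band. The following added example (not part of the original guide and not the device's own code) shows how an operator can compute the fingerprint of the CA certificate received from the CA administrator, in both the MD5 and SHA-1 forms commonly shown by such devices, and compare it with the value displayed during retrieval. The sample DER bytes are constructed and stand in for the real root certificate file.

```python
import base64
import hashlib
import re

# Constructed sample: not a real certificate, only DER-like bytes standing in for
# the root CA certificate the administrator received out of band (e.g. on a USB key).
SAMPLE_DER = bytes([0x30, 0x82, 0x01, 0x0A]) + b"constructed-sample-root-ca-certificate-body"


def pem_to_der(pem_text: str) -> bytes:
    """Strip the PEM armour and base64-decode the body back to DER."""
    m = re.search(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----",
                  pem_text, re.S)
    if not m:
        raise ValueError("no CERTIFICATE block found in input")
    body = "".join(m.group(1).split())
    return base64.b64decode(body, validate=True)


def der_to_pem(der: bytes) -> str:
    """Wrap DER bytes in PEM armour (64-character lines), as a CA export often is."""
    b64 = base64.b64encode(der).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "-----BEGIN CERTIFICATE-----\n" + "\n".join(lines) + "\n-----END CERTIFICATE-----\n"


def fingerprint(der: bytes, algo: str = "sha1") -> str:
    """Certificate fingerprint: hash of the DER encoding, as colon-separated upper-case hex.

    Devices typically show MD5 and/or SHA-1; pass algo="md5" for the MD5 form.
    """
    digest = hashlib.new(algo, der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def normalize(fp: str) -> str:
    """Drop separators and case so that 'ab:cd' and 'ABCD' compare equal."""
    return re.sub(r"[^0-9A-Fa-f]", "", fp).upper()


def fingerprints_match(expected: str, observed: str) -> bool:
    """Compare the fingerprint obtained out of band with the one the device displays.

    An empty value never matches, so a blank field cannot silently pass the check.
    """
    a, b = normalize(expected), normalize(observed)
    return len(a) > 0 and a == b


if __name__ == "__main__":
    pem = der_to_pem(SAMPLE_DER)
    der = pem_to_der(pem)
    print("SHA-1:", fingerprint(der))
    print("MD5:  ", fingerprint(der, "md5"))
```

Run the script against the real exported certificate (PEM or DER) before step 4, record the fingerprint, and enter it in the PKI domain's root certificate fingerprint field so that the retrieval in step 4 is validated rather than trusted blindly.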
3. Generate an RSA key pair:
a. From the navigation tree, select Certificate Management > Certificate.
b. Click Create Key.
c. Click Apply to generate an RSA key pair.
4. Retrieve the CA certificate:
a. From the navigation tree, select Certificate Management > Certificate.
b. Click Retrieve Cert.
c. Select 1 as the PKI domain, select CA as the certificate type, and click Apply.
5. Request a local certificate:
a. From the navigation tree, select Certificate Management > Certificate.
b. Click Request Cert.
c. Select 1 as the PKI domain, and click Apply.
The system displays "Certificate request has been submitted."
d. Click OK to confirm.
6. Add an IPsec connection:
a. From the navigation tree, select VPN > IPsec VPN.
b. Click Add.
c. Enter con as the IPsec connection name, select Ethernet0/2 as the gateway interface,
enter 2.2.2.1 as the remote gateway IP address, select Certificate as the authentication
method, select CN=router-b as the certificate, select Characteristics of Traffic as the
selector type, enter 10.1.1.0/0.0.0.255 as the source IP address/wildcard, and enter
11.1.1.0/0.0.0.255 as the destination IP address/wildcard.
d. Click Apply.
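The traffic selector in step 6c is written as address/wildcard, not address/subnet mask: the wildcard 0.0.0.255 means "the last octet may vary", so 10.1.1.0/0.0.0.255 covers 10.1.1.0/24. Entering a subnet mask such as 255.255.255.0 in that field is a common mistake and yields a selector that matches almost nothing. The following added example (not from the original guide) converts the two wildcard selectors from step 6c to prefixes, checks whether a given source/destination pair would be protected by the connection, and rejects a non-contiguous wildcard, which is what a mistakenly entered subnet mask looks like to this check.

```python
import ipaddress

# The selector from step 6c of the procedure.
SRC_SELECTOR = ("10.1.1.0", "0.0.0.255")
DST_SELECTOR = ("11.1.1.0", "0.0.0.255")


def wildcard_to_network(addr: str, wildcard: str) -> ipaddress.IPv4Network:
    """Convert an address/wildcard pair into an IPv4Network.

    A wildcard has its "don't care" bits set to 1, so 0.0.0.255 is a /24.
    Only contiguous wildcards (a run of 1s from the least significant bit) are
    accepted; a subnet mask such as 255.255.255.0 fails this test.
    """
    a = int(ipaddress.IPv4Address(addr))
    w = int(ipaddress.IPv4Address(wildcard))
    if (w + 1) & w != 0:
        raise ValueError(f"{wildcard} is not a contiguous wildcard; "
                         "did you enter a subnet mask instead?")
    mask = (~w) & 0xFFFFFFFF
    prefix = bin(mask).count("1")
    network_addr = ipaddress.IPv4Address(a & mask)
    return ipaddress.IPv4Network(f"{network_addr}/{prefix}")


def selector_matches(src: str, dst: str,
                     src_sel=SRC_SELECTOR, dst_sel=DST_SELECTOR) -> bool:
    """Return True if a packet from src to dst falls inside the IPsec selector."""
    src_net = wildcard_to_network(*src_sel)
    dst_net = wildcard_to_network(*dst_sel)
    return (ipaddress.IPv4Address(src) in src_net
            and ipaddress.IPv4Address(dst) in dst_net)


if __name__ == "__main__":
    print("source  :", wildcard_to_network(*SRC_SELECTOR))
    print("dest    :", wildcard_to_network(*DST_SELECTOR))
    print("10.1.1.5 -> 11.1.1.7 protected:", selector_matches("10.1.1.5", "11.1.1.7"))
    print("10.1.2.5 -> 11.1.1.7 protected:", selector_matches("10.1.2.5", "11.1.1.7"))
```

The peer gateway's selector must mirror this one (its source is this side's destination and vice versa), otherwise the IKE negotiation will fail or only part of the intended traffic will be encrypted.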