EasyManuals Logo

Quantum CHECK POINT SPARK 1800 Series User Manual

Quantum CHECK POINT SPARK 1800 Series
300 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #28 background imageLoading...
Page #28 background image
Configuring VPN
Quantum Spark 1500, 1600 and 1800 Appliance Series R80.20.40 Locally Managed Administration Guide | 28
Configuration
1. Reinitialize certificates - Use the Reinitialize certificates option described in
"Managing Installed
Certificates" on page116
. Make sure this is done on both the local and peer gateway (if they both use
locally managed Check Point appliances).
2. Trust CAs on the local and peer gateways - Use one of these procedures:
n
Exchange CAs between gateways
n
Sign a request using one of the gateway's CAs.
n
Authenticate by using a 3rd party CA.
n
Authenticate with an existing 3rd party certificate.
3. Use certificate authentication to create the VPNsite.
a. Follow the instructions in
"Configuring VPN Sites" on page233
.
b. To make sure the specified certificate is used, enter the peer gateway's certificate information
in Advanced > Certificate Matching.
Trust Procedures
Exchange CAs between gateways:
Click Add to add the Trusted CA of the peer gateway. This makes sure the CA is uploaded on both the local
and peer gateways. See
"Managing Trusted CAs" on page244
.
Sign a request using one of the gateway's CAs:
You create a request from one gateway that must be signed by the peer gateway's CA:
1. Use the New Signing Request option in
"Managing Installed Certificates" on page116
.
2. Export this request using the Export option.
3. Use the peer gateway's internal CA to sign the request on the peer gateway.
If the peer gateway is a locally managed Check Point gateway, go to VPN > Trusted CAs and use the
Sign a Request option. For more information, see
"Managing Trusted CAs" on page244
.
4. Upload the signed request to the local gateway.
a. Go to VPN > Installed Certificates.
b. Select the installed certificate that you asked the remote peer to sign.
c. Upload the certificate with the Upload Signed Certificate option. See
"Managing Installed
Certificates" on page116
.
5. Make sure that the CA is installed on both of the gateways. Use the Add option in
"Managing Trusted
CAs" on page244
.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Quantum CHECK POINT SPARK 1800 Series and is the answer not in the manual?

Quantum CHECK POINT SPARK 1800 Series Specifications

General IconGeneral
BrandQuantum
ModelCHECK POINT SPARK 1800 Series
CategoryNetwork Hardware
LanguageEnglish

Related product manuals