Configuring VPN
R81.10.X Quantum Spark 1500, 1600, 1800, 1900, 2000 Appliances Locally Managed Administration Guide|307
You create a request from one gateway that must be signed by the peer gateway's CA:
1. Use the New Signing Request option in "Managing Installed Certificates" on page 189.
2. Export this request using the Export option.
3. Use the peer gateway's internal CA to sign the request on the peer gateway.
If the peer gateway is a locally managed Check Point gateway, go to VPN > Trusted CAs and use the Sign a Request option.
For more information, see "Managing Trusted CAs" on page 357.
4. Upload the signed request to the local gateway.
a. Go to VPN > Installed Certificates.
b. Select the installed certificate that you asked the remote peer to sign.
c. Upload the certificate with the Upload Signed Certificate option.
See "Managing Installed Certificates" on page 189.
5. Make sure that the CA is installed on both of the gateways. Use the Add option in "Managing Trusted CAs" on page 357.
To authenticate by using a 3rd party CA:
You create a signing request from each peer gateway. Follow the steps above in "Sign a request using one of the gateway's CAs" to sign it with a 3rd party CA.
Note that a 3rd party CA can issue *.crt, *.p12, or *.pfx certificate files.
1. Upload the certificate using the appropriate upload option.
a. Go to VPN > Installed Certificates.
b. Select the installed certificate that you asked the remote peer to sign.
c. Upload the certificate with the Upload Signed Certificate or Upload P12 Certificate option.
See "Managing Installed Certificates" on page 189.
2. Make sure that the 3rd party CA is installed on both of the gateways.
Use the Add option in "Managing Trusted CAs" on page 357.
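
Before the upload step in either procedure above, you can confirm on an administration workstation that the signed certificate carries the public key from the exported request and verifies against the CA that both gateways will trust. This is an added example that uses the OpenSSL command line and is not part of the Check Point guide; it assumes PEM-encoded request and certificate files, and every file name and subject name in it is constructed for the demo.

```shell
#!/usr/bin/env bash
# Added example: checks on a signed certificate before uploading it to the gateway.
# All file names and subject names below are constructed for the demo.

# True only if the certificate carries the same public key as the exported request.
cert_matches_request() {   # args: request.csr signed.crt
    req_key=$(openssl req -in "$1" -noout -pubkey 2>/dev/null) || return 1
    cert_key=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1
    [ -n "$req_key" ] && [ "$req_key" = "$cert_key" ]
}

# True only if the certificate verifies against the given CA file
# (-no-CApath, OpenSSL 1.1.0+, keeps the system CA directory out of the check).
cert_issued_by_ca() {      # args: ca.crt signed.crt
    openssl verify -no-CApath -CAfile "$1" "$2" >/dev/null 2>&1
}

# Build constructed demo material in directory $1: two throwaway CAs, one request
# signed by the first CA, and one unrelated request.
make_demo_files() {
    demo_d=$1
    for demo_ca in peer other; do
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=demo-$demo_ca-ca" \
            -keyout "$demo_d/$demo_ca-ca.key" -out "$demo_d/$demo_ca-ca.crt" \
            2>/dev/null || return 1
    done
    openssl req -newkey rsa:2048 -nodes -subj "/CN=demo-gateway" \
        -keyout "$demo_d/gw.key" -out "$demo_d/gw.csr" 2>/dev/null || return 1
    openssl req -newkey rsa:2048 -nodes -subj "/CN=demo-unrelated" \
        -keyout "$demo_d/unrelated.key" -out "$demo_d/unrelated.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$demo_d/gw.csr" -days 1 -CA "$demo_d/peer-ca.crt" \
        -CAkey "$demo_d/peer-ca.key" -CAcreateserial -out "$demo_d/gw.crt" 2>/dev/null
}

# Demo run on the constructed files.
demo_dir=$(mktemp -d)
make_demo_files "$demo_dir"
cert_matches_request "$demo_dir/gw.csr" "$demo_dir/gw.crt" && echo "key matches request"
cert_issued_by_ca "$demo_dir/peer-ca.crt" "$demo_dir/gw.crt" && echo "signed by expected CA"
rm -rf "$demo_dir"
```

If either check fails on real files, the certificate was issued for a different request or by a different CA than the one installed under Trusted CAs.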