Which of the following activities should you do first?

You want to establish a VPN, using certificates. Your VPN will exchange certificates with an
external partner. Which of the following activities should you do first?

You want to establish a VPN, using certificates. Your VPN will exchange certificates with an
external partner. Which of the following activities should you do first?

A.
Create a new logical-server object to represent your partner’s CA.
B. Exchange exported CA keys and use them to create a new server object to represent your
partner’s Certificate Authority (CA).

C.
Manually import your partner’s Certificate Revocation List.

D.
Manually import your partner’s Access Control List.



Leave a Reply 3

Your email address will not be published. Required fields are marked *


Carlos

Carlos

Explanation

To configure VPN using certificates, with the external Security Gateways as satellites in a star VPN Community:
1. Obtain the certificate of the CA that issued the certificate for the peer VPN Security Gateways, from the peer administrator. If the peer Security Gateway is using the ICA, you can obtain the CA certificate using a web browser from:
http://:18264
2. In SmartDashboard, define the CA object for the CA that issued the certificate for the peer. See Enrolling with a Certificate Authority (on page 46).
3. Define the CA that will issue certificates for your side if the Certificate issued by ICA is not appropriate for the required VPN tunnel.
You may have to export the CA certificate and supply it to the peer administrator.
4. Define the Network Object(s) of the Security Gateway(s) that are internally managed. In particular, be sure to do the following: