how would you verify that the IP addresses and port numbers are correctly referencing the CA and LDAP Servers?

CRL lookups from VPN-1/Firewall-1 modules, or the SecuRemote Server, to the LDAP Server.
When problems occur with CRL verification, how would you verify that the IP addresses and port
numbers are correctly referencing the CA and LDAP Servers?

CRL lookups from VPN-1/Firewall-1 modules, or the SecuRemote Server, to the LDAP Server.
When problems occur with CRL verification, how would you verify that the IP addresses and port
numbers are correctly referencing the CA and LDAP Servers?

A.
Check the ca.ini file.

B.
Check the CA object configuration.

C.
Check the CRL timeout.

D.
Run fw checkcaintegrity -f -n from a command-line prompt.

E.
Run cpconfig.

Explanation:

: since we want to see why we can’t communicate and obtain the CRL verifications, we need to
see if we are making the CRL verifications in the right place, we can check the CA object to see if
we are referencing the correct IP address and port number. The CA.INI file will not be helpful in

this situation. This is not usually a timeout problem. The CPConfig is not related to CRL
configuration, we have to see inside the CA object.



Leave a Reply 0

Your email address will not be published. Required fields are marked *