Manualshelf

TMS zl Management and Configuration Guide ST.1.0.090213

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
491492493494495496497498499500
7-42
Virtual Private Networks
IPsec VPNs
9. For Private Key Identifier, select the private key that you added in step 3 on
page 7-38.
10. For Subject Name, type the FQDN of the TMS zl Module. Use the format
<name.domainname>. For example, type TMS.procurve.com.
The certificate request will store this name as a distinguished name,
automatically adding /CN= to the name that you type.
11. In the Subject Alternate Names section, you can specify other IDs with
which the module identifies itself. Specifying these IDs is optional:
a. Type an IP address in one or both IP Address boxes.
Typically, the IP address is the module’s public IP address, but you
can specify any valid IP address.
b. Type an FQDN in one or both Domain Name boxes.
c. Type an email address in one or both Email ID boxes.
The email address must be entered in a valid format, but it does not
actually have to exist. It is simply an ID.
Note The subject name or one of the subject alternate names must match these
settings:
The local ID in your IKE policies that use this certificate
The remote ID in IKE policies on remote tunnel endpoints that verify
this certificate
The name must match in both type and value. For example, if you have
typed TMS.procurve.com for Subject Name in the certificate request, the
local ID on the module and the remote ID on the remote tunnel endpoint
must use these settings:
Type = Distinguished Name
Value = /CN=TMS.procurve.com
If you added a subject alternate name, you could specify those settings
instead—for example, IP Address for Typ e and 10.1.1.1 for Value.
12. Click Apply.
The certificate request is displayed in the VPN > Certificates > IPsec
Certificates window.