Manualshelf

User manual

ManualsBrandsSecure Computing ManualsComputer equipmentSG550
191192193194195196197198199200
Virtual Private Networking
194
Note
Only one shared secret tunnel may be added. The one shared secret is used by
all remote clients to authenticate.
Select x.509 Certificate Tunnel to use x.509 certificates to authenticate the
remote client against a Certificate Authority's (CA) certificate. The CA certificate
must have signed the local certificates that are used for tunnel authentication.
Certificates need to be uploaded to the SG unit before a tunnel can be configured
to use them (see Certificate Management in the IPSec section later in this
chapter). This authentication method is more difficult to configure, but very
secure.
Creating and adding x.509 certificates is detailed in Certificate Management in the
IPSec section later in this chapter.
Note
Multiple x.509 certificate tunnels may be added. A separate x.509 certificate
tunnel is required for each remote client to authenticate.
Click New.
Enter a Tunnel Name to identify this connection. It may not be the same as any other
L2TP/IPSec or regular IPSec tunnel names.
If adding a Shared Secret Tunnel, enter the Shared Secret. Ensure it is something
hard to guess. Keep note of the shared secret, as it is used in configuring the remote
client.