TAILIEUCHUNG - Digital Certificates/PKI for IPSec VPNs

This document provides information about using digital certificates issued by a Cisco IOS CA server to authenticate VPN tunnels between Cisco routers. It provides design considerations, step-by-step configuration instructions, and basic management options for VPN crypto devices using digital certificates. This document is written for Cisco system engineers and assumes that you have a working knowledge of Cisco IOS routers, as well as a basic understanding of IPSec, ISAKMP/IKE, and digital certificates | Digital Certificates PKI for IPSec VPNs This document provides information about using digital certificates issued by a Cisco IOS CA server to authenticate VPN tunnels between Cisco routers. It provides design considerations step-by-step configuration instructions and basic management options for VPN crypto devices using digital certificates. This document is written for Cisco system engineers and assumes that you have a working knowledge of Cisco IOS routers as well as a basic understanding of IPSec ISAKMP IKE and digital certificates. Contents Design Guide Structure 1-2 Overview 1-3 Architectural Design Considerations 1-5 Configuring the Cisco IOS CA Server 1-6 Enrollment with a Cisco IOS Software CA Over SCEP 1-13 IPSec Headend Hub-and-Spoke Configuration Using dmaps DPD RRI 1-14 Branch End Hub-and-Spoke Configuration 1-14 Enrolling a VPN Headend Router with the Cisco IOS CA Using SCEP 1-16 Approving an Enrollment for the VPN Headend Router on the Cisco IOS CA 1-19 Enrolling a Branch Router with a Cisco IOS CA Using SCEP 1-20 Approving an Enrollment for a Branch Router with a Cisco IOS CA 1-24 Removing the Pre-Shared Key 1-25 Distributing the CRL over SCEP Revoking a Digital Certificate for a Branch VPN Router 1-28 Examples of Revoked Certificate Logs 1-30 VPN Branch Router 1-30 VPN Crypto Headend Router 1-31 Copying Certificate Enrollments to a Cisco IOS CA 1-32 1-26 Cisco Systems Corporate Headquarters Cisco Systems Inc. 170 West Tasman Drive San Jose CA 95134-1706 USA Copyright 2005 Cisco Systems Inc. All rights reserved. Design Guide Structure Automatically Re-enrolling Expired Certificates Before Expiration 1-37 Backing Up and Restoring the Cisco IOS CA Server 1-42 Backing Up Cisco IOS CA Server Files to a Different System 1-43 Recovering From Server Failure 1-43 Restoring Files To a Replacement Cisco IOS CA Server 1-45 Using TFTP HTTP Server for Off-System Storage of CA Files 1-50 Useful Commands 1-54 Commands for Managing the Cisco IOS .

• Quản trị mạng
• information technology
• international certification
• network cisco
• Cisco IOS CA Server
• Different System
• Network location
• Lecture Information technology project management
• Project management
• Information technology project management
• Information technology project
• Information technology context
• Agile project management
• Professional practices in information technology
• Business data
• Computer technology
• World Wide Web
• Information systems
• Ethical decisions
• Data protection
• Professional ethics
• Integrating information
• Communications technologies
• Educational technology
• Information technology education
• Distance learning technology education
• Communications technology education
• Teaching with technology
• Learning with technology
• Information technology certification
• Information Security
• Lecture Using information technology
• Mobile world
• Big data
• Statistical information
• Legal implications
• Information technology for managers
• Information technology results
• Strategic planning
• Business process
• English reading skill
• English for Information Technology
• College of Information and Communication Technology
• Thai Nguyen University
• The selected sophomore students
• IT Strategic Planning
• Enterprise Architecture TOGAF framework
• development of information technology
• use of information technology
• information technology services
• Business owners’ perception of the information technology process adoption
• Medium scale manufacturing companies in Indonesia
• Medium scale manufacturing companies
• Finding information technology workers
• Information technology adoption in Indonesia
• Project management statistics
• Project sponsor
• Project management process
• Planning processes
• Strategic planning process
• Project scope management
• Project time management
• Project cost management
• Project quality management
• Quality management planning
• Project human resource management
• Emotional intelligence
• Project communications management
• Communications management plan
• Project risk management
• Control risks
• Project procurement management