User`s guide
Page 12 of 30 Rel. 3.5 Release Notes
Upgrading to Aurorean Release 3.5 Release Notes
Release 3.5 Enhanced Support for VPN Clients
7. Make the following selections:
– From the Certificate Template pull-down menu, choose User.
– From the Key Options CSP pull-down menu, choose Microsoft Base
Cryptographic Provider v1.0.
– For Key Usage, select Both.
– For Key Size, enter 1024
– Select Create new key set
– Select Use local machine store
– From the Additional Options pull-down menu, select SHA1 as the Hash
Algorithm.
– Click Submit.
The Certificate Issued window appears as shown in Figure 9.
Figure 9 Certificate Issued Window
8. Click Install this certificate.
A window appears indicating the certificate was successfully issued.
9. Reboot the APS.
Invoke the Default Configuration on your ANG-3000/7000
A default IPSec configuration - the initial IPSec policy - is provided on the
ANG-3000/7000 that permits PPTP, IRPP, Firewall Traversal, and IKE/IPSec traffic
but drops all other packets. Be aware that issuing the ipsecDefault command
restores the IPSec configuration to the factory default setting.
CAUTION
This script first erases all IPSec configuration settings and then reloads it with the
factory default. Any configurations you added earlier are lost. As a precaution
against inadvertent use of the command, the script interactively prompts you to
confirm that you intend to erase and then restore the IPSec configuration.