User's Manual
Table Of Contents
- Reference Manual for the NETGEAR ProSafe VPN Client
- Contents
- Chapter 1 About This Manual
- Chapter 2 Introduction
- Chapter 3 Installation
- Chapter 4 Configuring L2TP Connections
- Chapter 5 Using the Security Policy Editor
- What is the Security Policy Editor?
- Basic Steps to Configure a Security Policy
- How to Secure All Connections
- How to Configure Global Policy Settings
- How to Configure Other Connections
- How to Add and Configure a Connection
- How to Enter a Preshared Key
- How to Configure a Gateway
- Configure My Identity
- Configure Security Policy Connection Options
- Configure Authentication (Phase 1)
- Configure Key Exchange (Phase 2)
- Edit a Distinguished Name
- Configure and Manage Connections
- Manage Proposals
- Manage Redundant Gateways
- Manage the Security Policy
- Chapter 6 Using the Certificate Manager
- What is the Certificate Manager?
- Obtain Certificates
- With Online (SCEP) Enrollment
- CAs that Support SCEP
- Retrieve a CA Certificate Online
- Configure a CA Certificate
- Use an HTTP Proxy Server for Online Certificate Requests and CRL Updates
- Import a CA Certificate
- Select a CSP
- Request a Personal Certificate
- Define How Often to Check for and Retrieve New Personal Certificates
- Retrieve a Personal Certificate Manually
- Manage Certificate Requests
- With Manual (File-Based) Enrollment
- Obtain Certificates Through Internet Explorer
- With Online (SCEP) Enrollment
- Manage Certificates
- Manage Certificate Revocation Lists (CRLs)
- Manage the Trust Policy
- Chapter 7 Using Sessions
- Chapter 8 Distributing Customized Profiles
- Chapter 9 Troubleshooting
- Appendix A Networks, Routing, and Firewall Basics
- Appendix B Virtual Private Networking
- Appendix C NETGEAR ProSafe VPN Client to NETGEAR FVS318 or FVM318 VPN Routers
- Appendix D NETGEAR VPN Client to NETGEAR FVL328 or FWAG114 VPN Router
- Glossary
- Index
Reference Manual for the NETGEAR ProSafe VPN Client
6-8 Using the Certificate Manager
202-10015-01
4.
Unless your network security administrator instructs you to change it, leave the Import
certificate to local machine store check box selected (the default).
Caution: In Windows NT and Windows 2000 and XP, you must be logged on as
administrator or its equivalent to add this certificate to the local machine store (for all users
who log on to this computer).
5. Click Import.
6. When a confirmation message box opens, click Yes .
Select a CSP
You can select a cryptographic service provider (CSP) when requesting a personal certificate,
regardless of the method. You can also designate a default CSP to use for all personal certificate
requests.
1. In the Security Policy Editor, click Options>Certificate Settings. The Online or File-based
Certificate Request dialog box opens.
2. Click Advanced. The Advanced Certificate Enrollment Settings dialog box opens.
3. Click the specific CSP in the list.
4. If the Key Size box is enabled, click the key size to use.
5. To designate the settings on this dialog box as the default for all personal certificate requests,
select the Save as default CSP settings check box.
6. By default, the Place certificate and keys in local machine store check box is clear, which
places the imported certificate in your—the logged-on user's—personal certificate store.
Unless your network security administrator instructs you to change it, accept the default.
Caution: In Windows NT and Windows 2000 and XP, you must be logged on as
administrator or its equivalent to add this certificate to the local machine store.
7. Click OK.
Request a Personal Certificate
After you retrieve or import a CA certificate, you must request a personal certificate from this CA.
If your client was installed with a CA certificate, the Online Certificate Request or File-based
Certificate Request dialog box opens automatically the first time your computer restarts after client
installation.
When the CA supports SCEP, submit the request online. For CAs that don't support SCEP, create a
certificate request to submit to the CA manually.