Support User Manuals

Cisco Systems CL-28826-01 Security Camera User Manual

Open as PDF

of 2616

30-28

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter 30 Managing Remote Access VPNs on ASA and PIX 7.0+ Devices

Working with IPSec VPN Policies

–

Select bundle file—If the bundle is stored on your machine, click Import from a file, then click

Browse Local Files and navigate to the bundle.

–

Import default bundle—Select this option to import the default bundle.

3. Specify the following import options:

–

Clear all certificates before import—Whether to clear the trustpool before importing the

bundle.

–

Continue to import the bundle if signature validation fails or can’t be

performed—Whether to continue import if the signature can not be validated.

4. Click Import.

Exporting a Certificate Bundle

When you have correctly configured the Trustpool you should export the pool. This will enable you to

restore the Trustpool to this point, for example if you wish to remove a certificate that was added to the

trustpool after the export. You can export the pool to the Security Manager server file system or your

local file system.

To export the certificate bundle:

1. Click Export Bundle.

2. Click Browse.

3. Select the tab that corresponds to the file system you want to export to (local machine or Security

Manager server).

4. Navigate to the folder where you want to save the trustpool.

5. Enter a unique memorable name for the trustpool in the File name box.

6. Click Save.

Removing Certificates from the Trustpool

You can remove certificates from the trustpool using the following methods:

• To remove an individual certificate, select the certificate and click Delete.

• To remove all certificates that are not part of the default bundle, click Clear Trustpool.

Note Before clearing the trustpool you should export the current trustpool so that you can restore

your current settings if needed.

Related Topics

• Configuring SSL VPN Server Verification (ASA), page 30-61

• Configuring Trusted Pool Settings (ASA), page 30-26

Working with IPSec VPN Policies

Certain policies need to be configured for IPSec VPNs. The topics listed below explain these remote

access IPsec VPN policies, with the exception of the IKE Proposal policy, which is explained in

Configuring an IKE Proposal, page 25-9.

previous next