Virtual Private Networks (VPN) IPsec
Digi Connect EZ Mini User Guide
229
16. (Optional) Enable verbose logging in /var/log/scep_client:
(config network scep_client scep_client_name)> debug true
(config network scep_client scep_client_name)>
17. Save the configuration and apply the change:
(config network scep_client scep_client_name)> save
Configuration saved.
>
18. Type exit to exit the Admin CLI.
Depending on your device configuration, you may be presented with an Access selection
menu. Type quit to disconnect from the device.
Example: SCEP client configuration with Fortinet SCEP server
In this example configuration, we will configure the Connect EZ device as a SCEP client that will
connect to a Fortinet SCEP server.
Fortinet configuration
On the Fortinet server:
1. Enable ports for SCEP services:
a. From the menu, select Network > Interfaces.
b. Select the appopriate port and click Edit.
c. For Access Rights > Services, enable the following services:
n HTTPS > SCEP
n HTTPS > CRL Downloads
n HTTP > SCEP
n HTTP > CRLDownloads
d. The remaining fields can be left at their defaults or changed as appropriate.
e. Click OK.
2. Create a Certificate Authority (CA):
a. From the menu, click Certificate Authorities > Local CAs.
b. Click Create New.
c. Type a Certificate ID for the CA, for example, fortinet_example_ca.
d. Complete the Subject Information fields.
e. The remaining fields can be left at their defaults or changed as appropriate.
f. Click OK.
3. Edit SCEP settings:
a. From the menu, click SCEP > General.
b. Click Enable SCEP if it is not enabled.
c. For Default enrollment password, enter a password. The password entered here must
correspond to the challenge password configured for the SCEP client on the Connect EZ
device.
To Next Page
Loading...
Need help?
General