EasyManuals Logo
Home>Digi>Network Router>IX14

Digi IX14 User Manual

Digi IX14
828 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #575 background imageLoading...
Page #575 background image
Virtual Private Networks (VPN) IPsec
IX14 User Guide
575
Example: SCEP client configuration with Fortinet SCEP server
In this example configuration, we will configure the IX14 device as a SCEP client that will connect to a
Fortinet SCEP server.
Fortinet configuration
On the Fortinet server:
1. Enable ports for SCEP services:
a. From the menu, select Network > Interfaces.
b. Select the appopriate port and click Edit.
c. For Access Rights > Services, enable the following services:
n
HTTPS > SCEP
n
HTTPS > CRL Downloads
n
HTTP > SCEP
n
HTTP > CRLDownloads
d. The remaining fields can be left at their defaults or changed as appropriate.
e. Click OK.
2. Create a Certificate Authority (CA):
a. From the menu, click Certificate Authorities > Local CAs.
b. Click Create New.
c. Type a Certificate ID for the CA, for example, fortinet_example_ca.
d. Complete the Subject Information fields.
e. The remaining fields can be left at their defaults or changed as appropriate.
f. Click OK.
3. Edit SCEP settings:
a. From the menu, click SCEP > General.
b. Click Enable SCEP if it is not enabled.
c. For Default enrollment password, enter a password. The password entered here must
correspond to the challenge password configured for the SCEP client on the IX14 device.
d. The remaining fields can be left at their defaults or changed as appropriate.
e. Click OK.
4. Create an Enrollment Request:
a. From the menu, click SCEP > Enrollment Requests.
b. Click Create New.
c. For Automatic request type, select Wildcard.
d. For Certificate authority, select the CAcreated in step 1, above.
e. Complete the Subject Information fields. The Distinguished Name (DN) attributes entered
here must correspond to the Distinguished Name attributes configured for the SCEP client
on the IX14 device.
f. For Renewal > Allow renewal x days before the certified is expired, type the number of
days that the certificate enrollment can be renewed, prior to the request expiring. The
Renewable Time setting on the IX14 device must match the setting of this parameter.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Digi IX14 and is the answer not in the manual?

Digi IX14 Specifications

General IconGeneral
BrandDigi
ModelIX14
CategoryNetwork Router
LanguageEnglish

Related product manuals