Home > Archive > 70-214 > December 2002 > IPSEC and CA





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author IPSEC and CA
kevinvasoft

2002-11-15, 11:29 am

OK, here it goes.

Im a cisco engineer and generally understand IPSec and understand that CA is related but i just don't know how. Can someone opne the curtains and let some light in???
jeff_j_black

2002-11-15, 9:18 pm

Certificates from reliable sources are used to validate the public key to the private key for authentication and encryption protocols.
cm2gj

2002-12-14, 2:43 am

quote:
Originally posted by jeff_j_black
Certificates from reliable sources are used to validate the public key to the private key for authentication and encryption protocols.


for ipsec a certificate server is required. but i donīt know how a vpn hardware i have make ipsec vpns without a certificate. using a hash algorithm both sides use vpn l2tp with ipsec to comunication.
jeff_j_black

2002-12-14, 8:16 am

This probably does not use certificates, but uses a pre-shared key. Do you put the same 'password' on the router at each side?
cm2gj

2002-12-14, 8:37 pm

quote:
Originally posted by jeff_j_black
This probably does not use certificates, but uses a pre-shared key. Do you put the same 'password' on the router at each side?


yes.
we use a preshared key. and some mda5 settings. is a vpn + ipsec tunnel.
chodan

2002-12-27, 8:23 pm

A good example of a CA is the public encryption keys embeded in web browser by verisign or microsoft.
The CA could be the server that issues the private key that matches the embeded key.

In windows 2000 you can create your own CA and generate your own keys.
The only problem is that end users will have to click on a warning to except the key you created.
If a CA like Microsoft or Verisign or the like created the key then it will be transparent to the end user.
cm2gj

2002-12-28, 2:26 am

quote:
Originally posted by chodan
A good example of a CA is the public encryption keys embeded in web browser by verisign or microsoft.
The CA could be the server that issues the private key that matches the embeded key.

In windows 2000 you can create your own CA and generate your own keys.
The only problem is that end users will have to click on a warning to except the key you created.
If a CA like Microsoft or Verisign or the like created the key then it will be transparent to the end user.


thanks for the tip.
i don`t understand how works the signature on emails provide by verysign (when you buy the service)
Sponsored Links





Free Braindumps | MCSE braindumps software forum

Copyright 2003 - 2008 examnotes.net