IPsec Site2Site Certificate

Hello,

I need to create VPN IPsec S2S tunnel with certificate authentication.

What i need in Subject and Key Usage/Enhanced Key Usage in that certificate?

For now i use certificate with address IP in Common Name and Client/Server Authentication (Enhanced Key Usage) on each sites.

Thats is ok?

New Member

That should be fine, but a name in the subject field would be ideal.

Ken

kzukAuthor

New Member

Name of what? UTM hostname? In VPN config I can't enter domain name. I can use only IP address.

New Member

If your talking about the CN field; it could be something as simple as a username, hostname, email, rfc822name, etc....

Sign up