Log in to ask questions, share your expertise, or stay connected to content. Don’t have a login? Join now.
Yes. AOS version 6.3.0.0 and above support storing RAP certificates on USB flash drives. Using this, RAP certificate is activated only when the USB containing the corresponding certificate is connected to the RAP. As soon as the USB drive is removed from the RAP, the certificate gets deactivated. If you remove the USB storage from an activated RAP, it drops the IPSec tunnel. It requires a power cycle to re-establish the tunnel irrespective of whether the USB with the certificate is again connected or not. The certificate contains all the information that is required for creating the tunnel including the private key, RAP certificate with the chain of certificates and the trusted CA certificate. As of AOS version 6.3.0.0, there is a limit of three supported intermediate CAs and the common name (CN) for the RAP certificate must be the MAC address of the RAP in the colon format. Note: This USB drive is purely a storage device and does not act as a 3G/4G modem.
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.