TRENDnet TW100-BRV304v3 Router Manual PDF (Setup & Configuration Guide)

Page 101 / 123 Scroll up to view Page 96 - 100

TW100-BRV304 User Guide

98

Windows 2000 Server Configuration

Configuration is the same as for

Example 2:

Windows 2000/XP Client to

except for specify-

ing the

Source

and

Destination

addresses for the "Filter Properties". Instead, for both IP Filters,

the

Filter Properties- Addressing

should be completed as follows.

Figure 83: Windows 2000 Server - Addressing

•

The

Source Address

should be set to "A specific IP Subnet", and the

IP address

and

Subnet mask

set to the address range used on the TW100-BRV304's LAN.

•

The

Destination Address

should be set to "A specific IP Subnet", and the

IP address

and

Subnet mask

set to the address range used on the Windows 2000 LAN.

Page 102 / 123

VPN

99

Using Certificates

Certificates are used to authenticate users. Certificates are issued to you by various CAs

(Certification Authorities). These Certificates are called "Self Certificates".

Each CA also issues a certificate to itself. This Certificate is required in order to validate

communication with the CA. These certificates are called "Trusted Certificates."

The

Certificates

screen lists both the Trusted Certificate - the certificates of each CA itself -

and Self Certificates - the certificates issued to you.

Figure 84: Certificates Screen

Subject Name

(CA)

The "Subject Name" is always the company or person to whom the

Certificate is issued. For trusted certificates, this will be a CA.

Issuer Name

The CA (Certification Authority) which issued the Certificate.

Expiry Time

The date on which the Certificate expires. You should renew the

Certificate before it expires.

Delete button

Use this button to delete a Trusted Certificate. Select the checkbox in

the

Delete

column for any Certificates you wish to delete, then click

the "Delete" button.

Name

The name you assigned to this Certificate. You should select a name

which helps to identify this particular certificate.

Subject Name

The company or person to whom the Certificate is issued.

Issuer Name

The CA (Certification Authority) which issued the Certificate.

Expiry Time

The date on which the Certificate expires. You should renew the

Certificate before it expires.

Delete button

Use this button to delete a Self Certificate. Select the checkbox in the

Delete

column for any Certificates you wish to delete, then click the

"Delete" button.

Page 103 / 123

TW100-BRV304 User Guide

100

Adding a Trusted Certificate

1.

After obtaining a new Certificate from the CA, you need to upload it to the TW100-

BRV304.

2.

On the "Certificates" screen, click the "Add Trusted Certificate" button to view the

Add

Trusted Certificate

screen, shown below.

Figure 85: Add Trusted Certificate

3.

Click the "Browse" button, and locate the certificate file on your PC

4.

Select the file. The name will appear in the "Certificate File" field.

5.

Click "Upload" to upload the certificate file to the TW100-BRV304.

6.

Click "Back" to return to the Trusted Certificate list. The new Certificate will appear in the

list.

Adding a Self Certificate

This process is different to obtaining a Trusted Certificate. The TW100-BRV304 must gener-

ate a request for the CA. You cannot request a Certificate directly. The correct procedure is as

follows:

1.

On the "Certificates" screen, click the "Add Self Certificate" button to view the first screen

of the

Add Self Certificate

procedure, shown below.

Figure 86: Add Self Certificate (1)

2.

Complete this screen.

Name

Enter a name which helps to identify this particular certifi-

cate. This name is only for your reference.

Page 104 / 123

VPN

101

Subject Name

This is the name which other organizations will see as the

Holder (owner) of this Certificate. This should be your

registered business name or official company name.

Gener-

ally, all Certificates should have the same value in the

Subject field.

Hash Algorithm

Select the desired option.

Signature Algorithm

Select the desired option. RSA is recommended.

Signature Key Length

Select the desired option. Normally, 1024 bits provides

adequate security.

3.

Click "Next" to continue to the following screen.

Figure 87: Add Self Certificate (2)

4.

Check that the data displayed in the

Certificate Details

section is correct. This data is used

to generate the Certificate request. If the data is not correct, click the "Back" button and

correct the previous screen.

5.

If the data is correct, copy the text in the

Data to supply to CA

panel to the clipboard.

6.

Apply for a Certificate:

•

Connect to the CA's web site.

•

Start the Self Certificate request procedure.

•

When prompted for the request data, copy this data (including "-----BEGIN

CERTIFICATE REQUEST-----" and "-----END CERTIFICATE REQUEST-----")

from this screen to the CA's form.

•

Submit the CA's form.

•

If there are no problems, the Certificate will then be issued.

7.

After obtaining a new Certificate, as described above, you need to upload it the TW100-

BRV304. Click the "Next" button to see the screen below.

Page 105 / 123

TW100-BRV304 User Guide

102

Figure 88: Add Self Certificate (3)

8.

Upload the Certificate:

•

Click the "Browse" button, and locate the certificate file on your PC

•

Select the file. The name will appear in the "Certificate File" field.

•

Click "Upload" to upload the certificate file to the TW100-BRV304.

•

Click "Finished" to return to the Certificate list. The new Certificate will appear in the

list.

CRLs

CRLs are only necessary if using Certificates.

CRL (Certificate Revocation List) files show Certificates which have been revoked, and are no

longer valid. Each CA issues their own CRLs.

It is VERY IMPORTANT to keep your CRLs up-to-date. You need to obtain the CRL for each

CA regularly. The "Next Update" field in the CRL shows when the next update will be avail-

able.

To add a New CRL

1.

Obtain the CRL file from your CA.

2.

Select

CRL

from the VPN menu. You will see a screen like the example below.

Figure 89: Certificate Revocation Lists

3.

Click the "Add New CRL" button. You will see a screen like the following:

Rate

Popular TRENDnet Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share