Ruijie Community
Title: The RSR10 router is used to perform digital certificate-based IPsec authentication, but negotiation fails after the router is restarted. [Print this page]
Author: admin Time: 2017-5-4 20:12
Title: The RSR10 router is used to perform digital certificate-based IPsec authentication, but negotiation fails after the router is restarted.
The RSR10 router is used to perform digital certificate-based IPsec authentication, but negotiation fail safter the router is restarted.
Author: admin Time: 2017-5-4 20:13
Because the RSR10 router does not have an embedded clock chip, the router will restore the default time setting after restart. If digital certificate-based IPsec authentication is performed at the same time, the validity of the certificate will fail to be verified. To solve the problem, use any of the following methods:
1. Configure a Network Time Protocol (NTP) server on the RSR10 router so that the system time of the router can be synchronized correctly after the router is restarted.
2. Configure time-check none under the trustpoint of the certificate to disable certificate time check.
crypto pki trustpoint ruijie
time-check none
Welcome to Ruijie Community (https://community.ruijienetworks.com/) |
Powered by Discuz! X3.2 |