Please select To the mobile version | Continue to access the desktop computer version
 Forgot password?
 Register now


Router

View: 4239|Reply: 1

The RSR10 router is used to perform digital certificate-based IPsec authentication, but negotiation fails after the router is restarted.

[Copy link]

19

Digests

1015

Posts

1173

Credits

administrator

Rank: 9Rank: 9Rank: 9

Credits
1173
Post time 2017-5-4 20:12:37 | Show all posts |Read mode
The RSR10 router is used to perform digital certificate-based IPsec authentication, but negotiation fail safter the router is restarted.
Reply

Use magic Report

19

Digests

1015

Posts

1173

Credits

administrator

Rank: 9Rank: 9Rank: 9

Credits
1173
 Author| Post time 2017-5-4 20:13:26 | Show all posts
Because the RSR10 router does not have an embedded clock chip, the router will restore the default time setting after restart. If digital certificate-based IPsec authentication is performed at the same time, the validity of the certificate will fail to be verified. To solve the problem, use any of the following methods:
1. Configure a Network Time Protocol (NTP) server on the RSR10 router so that the system time of the router can be synchronized correctly after the router is restarted.
2. Configure time-check none under the trustpoint of the certificate to disable certificate time check.
crypto pki trustpoint ruijie
time-check none




Reply Support Not support

Use magic Report

You have to log in before you can reply Login | Register now