Skip to end of metadata
Go to start of metadata


Description:
This document describes how you upload certificates for a CC-compliant VPN connection to LANCOM routers of the Common Criteria product series.


Requirements:
  • LANCOM router from the Common Criteria product line
    • 1781A CC
    • 1781-4G CC
    • 1781A-3G CC
    • 1781A-4G CC
    • 1781EF CC
    • 7100+ CC
    • 9100+ CC
  • SCP-capable software such as Cygwin for uploading via SCP


Procedure:

1) After installing Cygwin, the certificates need to be loaded to the following directory on the PC:
    Cygwin/home/USER

2) The following syntax is used to upload the certificates with Cygwin:

2.1) Upload the device certificate:

LCS_PASSWORD="<certificate password>" scp -o SendEnv=LCS_PASSWORD <file name>.p12 root@<IP-address>:<certificate container>
    Example:
    LCS_PASSWORD="04Z&%$J912E" scp -o SendEnv=LCS_PASSWORD vpn.p12 root@192.168.1.1:vpn_pkcs12_2

    In this example, a certificate for a VPN connection is loaded to the VPN certificate container VPN 2.


2.2) Upload the public key of the remote site:

LCS_PASSWORD=„<public key password>" scp -o SendEnv=LCS_PASSWORD <file name>.p12 root@<IP-address>:<certificate container>
    Example:
    LCS_PASSWORD=„04Z&%$J912E" scp -o SendEnv=LCS_PASSWORD Public.p12 root@192.168.1.1:vpn_add_cas

    In this example, a public key for a VPN connection is loaded to the VPN container for additional CA certificates.


3) Once you have uploaded the certificates to the LANCOM router, you can check if the upload was successful from the command line of the LANCOM router.

To do this, enter following commands:
  • show vpn cert
  • show vpn add