Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello team,I have some basic query on PHY loopback tests.Is it something which is part of diagnostics to verify the hardware ?Do you recommbed PHY loop back tests on production units as well?Do we need an external link partner for testing PHY loopbac...
Hello,I am a beginner with using strongswan library. I see there are certificate validation plugins available in libstrongswan library but I am not familiar with how it get invoked. In my system I see the function parse_extensions() in the file plugi...
Hello,I am new to PPPoE setup and i have a basic query from client point of view. 1. Do we get an IP address also for the PPPOE interface? if So , will it get dynamically from the server or is it statically.2. When I looked at the RFC for pppoe (251...
Hi,I have the below questions about OCSP responder server address resolution during client certificate validation (example: freeradius-server uses ocsp name server for certificate status check) 1. How are we resolving the OCSP responder IP address fr...
Hi,I have the below basic questions regarding IpSec VPN on PKI env.My requirement is to Securely communicate my application running on Linux with several other Servers. Each servers are running with specific security configurations. I am using digit...
Thank you for answering my query. Once we put the phy in loop back mode how do we reset back to normal mode? Can we do this without any traffic disruption?Do we need a reset of the switch to change mode. Are you suggest to do the phy loop back test ...
Hello Karsten,1. If my system needs to connect to three other security gateways, and 1 radius server, Can I have only one certificate for all these gateways and radius server? 2. Since I am not using OCSP, do I need to get the CRLs for root CA, SCA c...
Hello Karsten,Sorry for the confusion on my question. My Query is about the new certificate creation. I believe the CSR is generated only in the system where it is revoked (or the key is compromised) and when it gets the new certificate all of its p...
Thank you so much for your answers. I have one more last query. you mentioned if the shared certificate is revoked, you need to renew this certificate on all three systems.Are you saying that the renewal on the peers occur as part of the authenticati...
Hi Karsten,Thank you so much for the quick reply. I agree that having individual certificates is the most secure but difficult administrate. You mentioned- If you use shared certificates and you revoke it, all systems using this certificate need to r...
