This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
_Val_
Admin
Admin
‎2023-12-28 12:17 AM

Some answers:

  1. The default VPN authentication for S2S VPN is certificate-based. Pre-Shared is considered less secure and is only supported for cases when your VPN peer belongs to another security domain.
  2. GW VPN certificates, like all other internal certificates, are signed by your domain CA
  3. The default expiration period for VPN certificates is one year for all supported versions. You can extend it to three years, see sk176527.
  4. AFAIK, there are no SNMP traps for certificates. However, there are multiple other means to follow up and check the validity of GW VPN certificates. Look into sk104400, sk178304, sk102092, sk97792. In essence, you will have either SmartConsole warning, or you can run a CLI command to check.

View solution in original post

(1)
Who rated this post