Binding a DTLS Policy to a GNE

After a DTLS policy is bound to a GNE in the DCN view, the NMS can communicate with the GNE only after the policy is authenticated.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run dcn

    The DCN view is displayed.

  3. Run dtls policy policyName

    The DTLS policy view is displayed.

  4. Run pki-domain pki-domain

    A PKI domain is bound to the DTLS policy.

    After a PKI domain is bound to a DTLS policy, the policy uses the certificates and CRL in the PKI domain.

  5. Run commit

    The configuration is committed.

  6. Run quit

    Return to the system view.

  7. Run dcn

    The DCN view is displayed.

  8. Run set compatible mode

    The DCN compatible mode for the GNE is configured.

  9. Run bind client dtls-policy dtlsPolicyName

    A DTLS policy is bound to the domain.

    If the default configuration file for an unconfigured device contains the dcn security-mode enable command, the bind client dtls-policy qx_dtls_client command is automatically configured in the DCN view when the device starts with no configuration. In this case, you do not need to run the bind client dtls-policy dtlsPolicyName command to unbind the DTLS policy.

  10. Run commit

    The configuration is committed.

Parent Topic: Improving DCN Security
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >