<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<TITLE>Message</TITLE>
<META content="MSHTML 6.00.2800.1141" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=634504214-19022003><FONT face=Arial color=#0000ff size=2>Yes,
this is supported in Global Pro 4.0.0r2. You select "Distinguished Name"
in the Device's "IKE ID's" property settings. You also have to place the
Device's protected resource in a VPN definition with certs selected as Phase 1
authentication and not pre-shared secret.</FONT></SPAN></DIV>
<DIV><SPAN class=634504214-19022003><FONT face=Arial color=#0000ff
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=634504214-19022003><FONT face=Arial color=#0000ff
size=2>Support of 4.0.0DIAL for the NS5xt should be in Global Pro 4.1 due out
early April, 2003.</FONT></SPAN></DIV>
<DIV><SPAN class=634504214-19022003><FONT face=Arial color=#0000ff
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=634504214-19022003><FONT face=Arial color=#0000ff size=2>Dave
Klein</FONT></SPAN></DIV>
<BLOCKQUOTE
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #0000ff 2px solid; MARGIN-RIGHT: 0px">
<DIV></DIV>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left><FONT
face=Tahoma size=2>-----Original Message-----<BR><B>From:</B>
Juri.Reitsakas@Vorguvara.ee [mailto:Juri.Reitsakas@Vorguvara.ee]
<BR><B>Sent:</B> Wednesday, February 19, 2003 5:44 AM<BR><B>To:</B> David
Klein; vpn@lists.shmoo.com<BR><B>Subject:</B> RE: [VPN] Netscreen SCEP and
iPlanet CA<BR><BR></FONT></DIV><BR><FONT face=sans-serif size=2>Hi
David,</FONT> <BR><BR><FONT face=sans-serif size=2>Thank you very much for
information.</FONT> <BR><FONT face=sans-serif size=2>I was able to configure
boxes without SubAltName just using the dn as you describe.</FONT>
<BR><BR><FONT face=Arial color=blue size=2>> set ike gateway peer-gw
ip 5.5.5.5 id asn1-dn wildcard cn=gw-test,o=netscreen,c=us" main
local-id[DistinguishedName] outgoing-interface ethernet1 proposal
rsa-g2-3des-sha</FONT> <BR><BR><FONT face=sans-serif size=2>Thank you.</FONT>
<BR><BR><FONT face=sans-serif size=2>PS! May i ask the few questions</FONT>
<BR><FONT face=sans-serif size=2>Does GlobalManager Pro 4.0.0r2 support this
configuration?</FONT> <BR><FONT face=sans-serif size=2>Do you have idea when
GMPro will support DIAL for XT?</FONT> <BR><BR><FONT face=sans-serif
size=2>Best Regards</FONT> <BR><BR><FONT face=sans-serif
size=2>Juri</FONT></BLOCKQUOTE></BODY></HTML>