https://community.cisco.com/t5/network-security/site-to-site-vpn-with-certificate-authentication-using-asa-as/m-p/1868267#M491280 <HTML><HEAD></HEAD><BODY><P>New stuff <SPAN __jive_emoticon_name="happy" __jive_macro_name="emoticon" class="jive_macro jive_emote" src="https://community.cisco.com/4.5.4/images/emoticons/happy.gif"></SPAN> </P><P></P><P>But why it does not work for site to site? I mean if both peers are able to get a certificate from the ASA I dont know what could go wrong creating the tunnel. </P><P></P><P>Let me know. </P><P></P><P>Mike </P></BODY></HTML> Wed, 14 Dec 2011 16:44:30 GMT Maykol Rojas 2011-12-14T16:44:30Z https://community.cisco.com/t5/network-security/site-to-site-vpn-with-certificate-authentication-using-asa-as/m-p/1868264#M491273 <P>Hi,</P><P></P><P>As the title suggests I am planning on rolling out site to site VPN using ASA as a local CA Server.</P><P>I have been looking around on the forums and cisco.com but cannot see any form of documentation on using the ASA as the local CA for site to site.</P><P>Is this possible?&nbsp; If so can someone point me in the right direction please.</P><P></P><P>Many thanks.</P><P></P><P>Regards</P><P>Mo</P> Mon, 11 Mar 2019 22:01:31 GMT https://community.cisco.com/t5/network-security/site-to-site-vpn-with-certificate-authentication-using-asa-as/m-p/1868264#M491273 Mohammed Islam 2019-03-11T22:01:31Z https://community.cisco.com/t5/network-security/site-to-site-vpn-with-certificate-authentication-using-asa-as/m-p/1868265#M491275 <HTML><HEAD></HEAD><BODY><P>Hi, </P><P></P><P>Nope, as far as I know, the CA server capability is only on IOS software, not on the ASA. </P><P></P><P>Mike. </P></BODY></HTML> Wed, 14 Dec 2011 04:03:47 GMT https://community.cisco.com/t5/network-security/site-to-site-vpn-with-certificate-authentication-using-asa-as/m-p/1868265#M491275 Maykol Rojas 2011-12-14T04:03:47Z https://community.cisco.com/t5/network-security/site-to-site-vpn-with-certificate-authentication-using-asa-as/m-p/1868266#M491277 <HTML><HEAD></HEAD><BODY><P>No, the ASA does allow creation of CA server, but from what I've read online it only supports client based and web based VPN (IPSEC and SSL).&nbsp; There is no mention about site to site IPSEC.</P><P>FYI, I have created CA locally on the ASA previously and it does support it 100%.</P></BODY></HTML> Wed, 14 Dec 2011 09:29:31 GMT https://community.cisco.com/t5/network-security/site-to-site-vpn-with-certificate-authentication-using-asa-as/m-p/1868266#M491277 Mohammed Islam 2011-12-14T09:29:31Z https://community.cisco.com/t5/network-security/site-to-site-vpn-with-certificate-authentication-using-asa-as/m-p/1868267#M491280 <HTML><HEAD></HEAD><BODY><P>New stuff <SPAN __jive_emoticon_name="happy" __jive_macro_name="emoticon" class="jive_macro jive_emote" src="https://community.cisco.com/4.5.4/images/emoticons/happy.gif"></SPAN> </P><P></P><P>But why it does not work for site to site? I mean if both peers are able to get a certificate from the ASA I dont know what could go wrong creating the tunnel. </P><P></P><P>Let me know. </P><P></P><P>Mike </P></BODY></HTML> Wed, 14 Dec 2011 16:44:30 GMT https://community.cisco.com/t5/network-security/site-to-site-vpn-with-certificate-authentication-using-asa-as/m-p/1868267#M491280 Maykol Rojas 2011-12-14T16:44:30Z