01-22-2014 09:43 AM - edited 03-10-2019 09:18 PM
I'm trying to setup VPN users to authenticate with digital certificates as part of 2 factor authenication. With a 5510 (upgrading to 5515) with access to Microsoft 2008r and 2012, Which would be a better fit the Microsoft service or the built-in CA service on the ASA? (needed for less than 25 VPN users but would like setup for growth.)
Thanks,
Jeremy
Solved! Go to Solution.
01-22-2014 02:00 PM
You would get more benefit out of MS-CA. backups, scale, management, flexibility to use for other purposes if needed (wireless/dot1x for example) are some of the advantages. The Local CA works however and is considered more cost effective.
FaDi
01-22-2014 02:00 PM
You would get more benefit out of MS-CA. backups, scale, management, flexibility to use for other purposes if needed (wireless/dot1x for example) are some of the advantages. The Local CA works however and is considered more cost effective.
FaDi
01-23-2014 09:21 AM
Thanks for the reply. Think I'll try out MS-CA.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide