cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
943
Views
0
Helpful
2
Replies

MSFT CA vs. ASA built-in CA

CSCO12052693
Level 1
Level 1

I'm trying to setup VPN users to authenticate with digital certificates as part of 2 factor authenication. With a 5510 (upgrading to 5515) with access to Microsoft 2008r and 2012, Which would be a better fit the Microsoft service or the built-in CA service on the ASA? (needed for less than 25 VPN users but would like setup for growth.)

Thanks,

Jeremy

1 Accepted Solution

Accepted Solutions

fashour
Level 1
Level 1

You would get more benefit out of MS-CA. backups, scale, management, flexibility to use for other purposes if needed (wireless/dot1x for example) are some of the advantages. The Local CA works however and is considered more cost effective.

FaDi

View solution in original post

2 Replies 2

fashour
Level 1
Level 1

You would get more benefit out of MS-CA. backups, scale, management, flexibility to use for other purposes if needed (wireless/dot1x for example) are some of the advantages. The Local CA works however and is considered more cost effective.

FaDi

Thanks for the reply. Think I'll try out MS-CA.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: