
aaa rules certificate address mismatch problem

draganskundric
Level 1

I have several web sites with different names that are protected by aaa rules and an external RADIUS server against which users must authenticate. The problem is that when the fw sends its page with username and password, the browser reports a certificate address mismatch, because there is a difference between the site name in the ASA self-signed certificate and the site that is accessed. Is there a way to avoid this by some config in ASA? I know it is possible to turn off this check in IE, but this is not the preferred way of solving this.

thanks

2 Replies

Marcin Latosiewicz
Cisco Employee

Dragan,

I played with CTP a long time ago, and only in the lab, so I was never bothered by warnings.

What do you have configured?

Did you try using redirect with listener?

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/a1.html#wp1556188

Do you have secure client enabled?

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/a1.html#wp1556729


I'm not sure if even installing a proper cert on the ASA/PIX will help.

Marcin

We solved it by using an identity certificate on the ASA that has all server names that are accessed stated in the CN of the certificate, and this is working.
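A way to verify the fix described in the last reply before deploying the certificate, added here as an example and not taken from the thread: it lists which protected site names would still trigger a browser name mismatch. The certificate dictionaries are constructed in the layout returned by Python's `ssl.SSLSocket.getpeercert()`, all host names are placeholders, and checking every CN value when no SAN is present is an assumption about client behaviour.

```python
# Added example: constructed certificate data, placeholder host names.

def presented_names(cert):
    """DNS names a client would compare against the requested host.

    dNSName SAN entries take precedence (RFC 2818); subject CN values are
    used only when the certificate carries no dNSName SAN (assumption: the
    client checks every CN value, not only the most specific one).
    """
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]


def name_matches(pattern, host):
    """Case-insensitive match; '*' is allowed only as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # A wildcard covers exactly one label and never a bare two-label name.
        return len(p) > 2 and p[1:] == h[1:]
    return p == h


def mismatched_sites(cert, sites):
    """Return the sites for which a browser would report a name mismatch."""
    names = presented_names(cert)
    return [s for s in sites if not any(name_matches(n, s) for n in names)]


# Site names protected by the aaa rules (placeholders).
SITES = ["portal.example.com", "mail.example.com", "hr.example.net"]

# Constructed: a self-signed certificate naming only the firewall itself.
SELF_SIGNED = {"subject": ((("commonName", "asa.example.local"),),)}
# Constructed: an identity certificate listing every protected site.
MULTI_NAME = {
    "subject": ((("commonName", "portal.example.com"),),),
    "subjectAltName": (("DNS", "portal.example.com"),
                       ("DNS", "*.example.com"),
                       ("DNS", "hr.example.net")),
}

if __name__ == "__main__":
    for label, cert in (("self-signed", SELF_SIGNED), ("multi-name", MULTI_NAME)):
        print(label, "mismatches:", mismatched_sites(cert, SITES))
```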
