I'm sorry if this question has been posted a million times before, but I wasn't able to find it here from a quick search I did. It's a really simple question, but I'm new to this field and I couldn't find any info regarding this either. I must create a point-to-point VPN connection with two Cisco ASA firewalls using certificates. Do I have to buy 2 separate certificates, or is one enough?
Thank you all in advance.
You need one identity certificate for each ASA. But for site-to-site you can easily use your own CA (running on an IOS router, Windows Server or even built with OpenSSL) so that you don't have to buy these. Only the built-in CA of the ASA can't be used, as this CA is only for SSL remote access.
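The reply above mentions a self-built OpenSSL CA with one identity certificate per ASA. The script below is an added example of that setup, not part of the original thread: the CA name, the host names and the certificate extensions are constructed assumptions, and the key pairs are generated with OpenSSL here only so the script is self-contained.

```shell
#!/bin/sh
# Added example: private OpenSSL CA issuing one identity certificate per ASA.
# CA name and host names below are constructed sample values.
set -eu
umask 077   # keep generated private keys readable by the owner only

# make_ca DIR CN: create a self-signed root CA (ca.key, ca.crt) in DIR.
make_ca() {
  mkdir -p "$1"
  cat > "$1/ca.cnf" <<EOF
[req]
distinguished_name = dn
prompt = no
[dn]
CN = $2
[ca_ext]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 1825 \
    -config "$1/ca.cnf" -extensions ca_ext \
    -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# issue_cert DIR FQDN: key + CSR for one peer, signed by the CA in DIR.
# Extension choices are an assumption; adapt them to your own policy.
issue_cert() {
  printf 'basicConstraints=CA:FALSE\nkeyUsage=critical,digitalSignature,keyEncipherment\nsubjectAltName=DNS:%s\n' "$2" > "$1/$2.ext"
  openssl req -new -newkey rsa:2048 -nodes -config "$1/ca.cnf" \
    -subj "/CN=$2" -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null
  openssl x509 -req -in "$1/$2.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
    -CAcreateserial -sha256 -days 730 -extfile "$1/$2.ext" \
    -out "$1/$2.crt" 2>/dev/null
}

# verify_cert DIR CERT: succeeds only if CERT chains to the CA in DIR.
verify_cert() {
  openssl verify -CAfile "$1/ca.crt" "$2"
}

# Demo: one CA, two peers, each with its own identity certificate.
demo_dir=$(mktemp -d)
make_ca "$demo_dir" "Example-VPN-CA"
for host in asa1.example.test asa2.example.test; do
  issue_cert "$demo_dir" "$host"
  verify_cert "$demo_dir" "$demo_dir/$host.crt"
done
```

Each peer ends up with its own key and certificate, and both chain to the same `ca.crt`, which is the certificate each side would need to trust in order to validate the other.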
One more thing I would like to ask, if you happen to know... We are required to use trusted certificates due to a requirement from a third-party authority. Therefore we bought wildcard certificates, from which we would like to create two in the form of (site1.domainname.it) and (site2.domainname.it). Will they be able to communicate with each other, or will they have to use the same name?