
ASA 5520 vpn configuration

cisco4inform
Level 1

Hi everyone,

I'm sorry if this question has been posted a million times before, but I wasn't able to find it here from a fast search I did. It's a really simple question, but I'm new to this field and I couldn't find any info regarding this either. I must create a point-to-point VPN connection between two Cisco ASA firewalls by using certificates. Do I have to buy 2 separate certificates or is one enough?

Thank you all in advance.

3 Replies

You need one identity certificate for each ASA. But for site-to-site you can easily use your own CA (running on an IOS router, Windows Server or even built with OpenSSL) so that you don't have to buy these. Only the built-in CA of the ASA can't be used, as this CA is only for SSL remote access.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
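
The reply above mentions a private CA built with OpenSSL and one identity certificate per ASA. As an added example (not from the thread), this script builds such a CA, issues a separate key and certificate for each of two peers, and checks that both chain to the CA. The CA name, the hostnames and the file layout are constructed, and importing the results into the ASAs is not shown.

```shell
#!/bin/sh
# Added example: private CA plus one identity certificate per VPN peer.
# Lab-VPN-CA, site1/site2.example.test and the file layout are constructed.

# write_conf DIR: minimal OpenSSL config so the run does not depend on system defaults.
write_conf() {
    cat > "$1/pki.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
[dn]
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF
}

# make_ca DIR: self-signed CA certificate and key (keep ca.key offline in practice).
make_ca() {
    write_conf "$1" &&
    openssl req -x509 -config "$1/pki.cnf" -newkey rsa:2048 -nodes -days 3650 \
        -sha256 -subj "/CN=Lab-VPN-CA" -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# issue_peer DIR FQDN: separate key pair and CSR per peer, signed by the CA in DIR.
issue_peer() {
    printf 'basicConstraints=CA:FALSE\nsubjectAltName=DNS:%s\n' "$2" > "$1/$2.ext"
    openssl req -new -config "$1/pki.cnf" -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/$2.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
        -CAcreateserial -days 365 -sha256 -extfile "$1/$2.ext" \
        -out "$1/$2.crt" 2>/dev/null
}

# check_peer CAFILE CERT: succeeds only if CERT chains to the CA in CAFILE.
check_peer() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Demo run in a scratch directory.
demo=$(mktemp -d) && make_ca "$demo" &&
for peer in site1.example.test site2.example.test; do
    issue_peer "$demo" "$peer" && check_peer "$demo/ca.crt" "$demo/$peer.crt" &&
        echo "$peer: identity certificate chains to Lab-VPN-CA"
done
```

Each peer ends up with its own private key and certificate; only `ca.crt` needs to be shared as the common trust anchor.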

Thank you for your answer.

One more thing I would like to ask, if you happen to know... We are required to use trusted certificates due to a requirement from a third-party authority. Therefore we bought wildcard certificates, from which we would like to create two of them in the manner of (site1.domainname.it) and (site2.domainname.it). Will they be able to communicate between them, or will they have to use the same name?
