If you need the certificate based authentication just for one provider/tunnel and you have a dedicated Border Router in DC, what are the arguments against using the hub router as root ca or the Master Controller as root ca?
The point is the customer wants to change the security to a IWAN PKI deployment but does want to add an additional dedicated router in dc.
Many Thanks for your answers and thought in advance
Troubleshooting a failed ISE Upgrade Readiness Tool Assessment
About the Author
Richard Atkin is an Engineer at a Cisco Partner in the UK, specialising in ISE, WiFi & Prime... I'm also currently learning about APIs, Webhooks, AWS, (etc et...
Security Product and architecture introduction-NGFW portflio(8/6)