Question:
In commissioning a Hub and Spoke Architecture in a DMVPN design.
My question for each spoke router that is looking to authenticate into the network with CA nodes does each router create its own RSA key.
Here is the configuration for each spoke:
Generate RSA key pair;
config t
crypto key generate rsa label <spoke-keys>
(generate 512 bit RSA keys)
ii/ Configure enrollment on Spoke router to Hub network
config t
crypto pki trustpoint ra
enrollment url http://A.B.C.D:80
revocation-check none
auto-enroll 70 regenerate
rsakeypair <spoke-keys>
exit
So does each Spoke router have to create a unique key to authenticate to RA-HUB node?
ie. spoke-key = each spoke new number 20 spokes equals 20 different spoke-keys.
Not sure and need some insight.