Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
492
Views
0
Helpful
0
Replies

Certificate to Tunnel-Group Mapping using the OU Field

thomas.busse
Level 1
Level 1

‎10-10-2013 03:59 AM

Hello,

I have got a problem mapping a certificate to a tunnel-group, using the default "tunnel-group-map enable ou" command.

I have several tunnel-groups and certificates that work just fine which have a DN of CN="user";"OU="Department";dc="company".

The certificate that won't work, has several OU-Fields --> DN --> CN="user";OU="Clients";OU="abc";OU="xyz";dc="company", and I want to map on the OU="Clients, so I named my tunnel-group Clients.

The problem is see in ASA Logs is, that it tries to find a tunnel-group mapping for the OU="xyz" and not for the OU="Clients".

Is the ASA capable to handle certificates with more than one OU-Field? How could I get this to work or is there a missconfiguration in the certificate template?

Thanks for any advice.

Best regards,

Thomas

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents