
IKEv2 Certificate authentication

Hello all,

Is it possible to create two VPN Sessions with one Certificate (Private Key, Public Key)?

The ASA has its own Certificate and can authenticate the other two, but currently only one of the other peers can connect. If the other one tries to establish a connection, the first one will be deleted and the ASA creates a new one.

Both IPSec Gateways have their own Connection Profile but are using the same Certificate.

Is this behaviour specified in one of the RFCs for IKEv2 or Certificate authentication?

Accepted Solutions
Cisco Employee

Re: IKEv2 Certificate authentication

Hi,

That is correct. We currently look into the ID payload to maintain the crypto session; naturally, if the certificate is the same, the ID payload would be the same as well, in which case only 1 user can connect.

Thanks

Shakti

Beginner

Re: IKEv2 Certificate authentication

Thank you for the Info :)