06-11-2019 07:12 AM
Can a site to site vpn be created between two 4000 series routers using Secure Unique Device Identifier (SUDI) and no preshared keys. Is there a sample configuration ?
As for the security, can the SUDI certificate and key be extracted from the router ?
Solved! Go to Solution.
06-19-2019 06:06 AM
Hi ,
Currently this is an enhacement , so currently not possible
CSCvd76136
Thanks
Shakti
06-19-2019 06:06 AM
Hi ,
Currently this is an enhacement , so currently not possible
CSCvd76136
Thanks
Shakti
12-05-2019 10:45 AM
I am using the SUDI cert to authenticate a device to a Cisco EST CA. The CA returns an a certificate that is used for both VPN and DMVPN tunnels. I am also using the SUDI cert to authenticate to an NSO PnP server. It is working very well with IOS, however, I have recently discovered that NSO cisco-pnp 1.8.0 does not have the CA chain for IOS-XE SUDI certs (High Assurance SUDI CA -> Cisco Root CA 2099) as we moved our CVO's to 1100's with IOS-XE.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: