03-18-2013 05:22 AM
Hello
I can't understand why do I have to attach the trustpoint to the crypto map - like this
ASA(config)# crypto map
03-18-2013 06:16 AM
This is needed when ASA acts as initiator of vpn-tunnel.
In that case, by default there is no tunnel-group associated with outgoing connections, and the authentication attributes could not be properly defined if you don't define it using this command.
03-18-2013 06:29 AM
Dmytro,
To begin with, the ASA and the Router are two different devices, so you cannot expect the same behavior from both.
On the other hand, please check this out:
To specify the trustpoint that identifies the certificate to send for authentication during Phase 1 negotiations for the crypto map entry, use the crypto map set trustpoint command in global configuration mode.
This crypto map command is valid only for initiating a connection..
So it has be in your configuration
HTH.
Portu.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide