
What will happen if Certificates on ASA box expired

amnuaymek
Level 1

Hi All,

I just cannot find an appropriate document about what is affected by an expired certificate on an ASA box.

I use these certificates for Client-to-Site and Site-to-Site VPN.

If you can help answer or point to appropriate docs, it will be a lot of help.

Thank you very much.

AM.  

3 Replies

Jennifer Halim
Cisco Employee

If you use a certificate to authenticate the VPN client or for site-to-site VPN authentication, then with an expired certificate, authentication will not work, and you won't be able to establish the VPN tunnel.

You would need to renew the certificate.

Hi halijenn,

Thank you very much for your answer! Anyway, can you lead me to some docs so I can read more?

    

Since authentication is done via the certificate for remote VPN client and LAN-to-LAN, if the certificate has expired, it will not be able to authenticate, hence they won't be able to connect. It is just like when a password has expired: you are not able to authenticate anymore, hence you can't connect through VPN.

Here is a sample configuration on how to renew a certificate:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00809fcf91.shtml

The sample configuration is on how to renew an SSL certificate, but the concept is the same for any certificate renewal.
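
Since an expired certificate stops both remote-access and site-to-site tunnels from authenticating, expiry is worth checking before it happens. The following is an added example, not part of any reply in this thread: it parses saved `show crypto ca certificates` output and flags certificates that are expired or close to expiry. The output layout is assumed, the sample text, trustpoint names and dates are constructed, and `expiry_report` is a hypothetical helper name.

```python
import re
from datetime import datetime, timedelta, timezone

# Constructed sample in the layout of "show crypto ca certificates" output.
# The layout is assumed; names and dates are made up for this example.
SAMPLE = """\
Certificate
  Subject Name:
    cn=asa.example.test
  Validity Date:
    start date: 00:00:00 UTC Jan 1 2022
    end   date: 23:59:59 UTC Dec 31 2023
  Associated Trustpoints: TP-RA-VPN
CA Certificate
  Subject Name:
    cn=Example Test CA
  Validity Date:
    start date: 00:00:00 UTC Jan 1 2020
    end   date: 23:59:59 UTC Dec 31 2029
  Associated Trustpoints: TP-RA-VPN
Certificate
  Subject Name:
    cn=l2l.example.test
  Validity Date:
    start date: 00:00:00 UTC Feb 1 2023
    end   date: 23:59:59 UTC Feb 10 2024
  Associated Trustpoints: TP-L2L
"""
# The time zone label is matched but not interpreted; times are treated as UTC.
END_RE = re.compile(r"end\s+date:\s+(\d\d:\d\d:\d\d)\s+\S+\s+(\w{3})\s+(\d{1,2})\s+(\d{4})")

def expiry_report(show_output, now, warn_days=30):
    """Return (trustpoint, kind, end, state); state is EXPIRED, EXPIRING or OK."""
    report, kind, end = [], None, None
    for line in show_output.splitlines():
        if line and not line[0].isspace():      # unindented line starts a new record
            kind, end = line.strip(), None
        elif (m := END_RE.search(line)):
            end = datetime.strptime(" ".join(m.groups()), "%H:%M:%S %b %d %Y").replace(tzinfo=timezone.utc)
        elif line.strip().startswith("Associated Trustpoints:") and end:
            tp = line.split(":", 1)[1].strip()
            state = "EXPIRED" if end <= now else "EXPIRING" if end - now <= timedelta(days=warn_days) else "OK"
            report.append((tp, kind, end, state))
    return report

if __name__ == "__main__":
    now = datetime(2024, 1, 15, tzinfo=timezone.utc)  # fixed "now" so the result is reproducible
    for tp, kind, end, state in expiry_report(SAMPLE, now):
        print(f"{state:9} {tp:10} {kind:15} not after {end:%Y-%m-%d %H:%M} UTC")
```

The CA certificate is reported as well as the identity certificates, because an expired issuing CA breaks validation of every certificate it signed.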