ā12-29-2017 07:01 AM - edited ā03-12-2019 04:52 AM
Hello,
I have set up an SSL AnyConnect on ASA and using ACS for authentication. I am wondering if it is possible to use ACS for Machine authentication using certificates before user authentication. Any document or help would be highly appreciated.
Thanks,
Kevin
Solved! Go to Solution.
ā12-29-2017 08:19 AM
A SSL VPN connection will terminate the certificate authentication on the ASA. The ACS can not authenticate based on certificate, because the certificate will not be sent to the ACS.
Secondary certificate authentication can be set up on the ASA:
http://www.labminutes.com/sec0127_ssl_vpn_anyconnect_client_certificate_double_authentication_1
ā12-29-2017 08:19 AM
A SSL VPN connection will terminate the certificate authentication on the ASA. The ACS can not authenticate based on certificate, because the certificate will not be sent to the ACS.
Secondary certificate authentication can be set up on the ASA:
http://www.labminutes.com/sec0127_ssl_vpn_anyconnect_client_certificate_double_authentication_1
ā12-29-2017 08:39 AM
Thank you Bogdan for the provided link, In this video user certificate is being test and ASA does this test. What I am looking for is to find a way to do Computer authentication(certificate) with ACS.
Thanks again
ā12-29-2017 08:59 AM
Sorry, I just realized that ASA can not send certificate to ACS. Have you got any resource about using computer certificate instead of user certificate in this scenario?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide