cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
141
Views
0
Helpful
0
Replies
m.foehrenck
Beginner

Anyconnect cannot check recvocation of VPN-server certificate

Hi everbody,

 

i am working on a SSL remote access scenario with a ASA5515 ,AnyConnectSecureMobilityClient and Primekey EJBCA.

Following scenario raises a question:

I revoked the ASA Identity Cert and wonder why i can successfully establish a VPN Tunnel.

The VPN-GW authenticates itself with a revoked cert to the VPN client, which has no functionality to do a revocation check.

AnyConnect has no OCSP/CRL checking support.

Why is this NOT a problem ?

Thanks for any arguments in advance !

 

Best regards

Markus

 

 

0 REPLIES 0