09-16-2021 05:42 AM
Does anyone know what the best practices are for Identity certificates on the cisco ASA.
Specifically if I cut a cert for Remote Access VPN is it ok to use that same cert for the management interface?
What is Cisco's recommendation here?
Thank You
Solved! Go to Solution.
09-16-2021 07:13 AM
In my opinion if the client computer trusts the certificate then you can use it for RAVPN and on the management interface. You should also ensure is that you are using the strongest protocols TLS/DTLS 1.2 (so disable TLS 1.0 and 1.1) and ensure you are using the stongest crytpo algorithms.
09-16-2021 07:13 AM
In my opinion if the client computer trusts the certificate then you can use it for RAVPN and on the management interface. You should also ensure is that you are using the strongest protocols TLS/DTLS 1.2 (so disable TLS 1.0 and 1.1) and ensure you are using the stongest crytpo algorithms.
09-16-2021 07:16 AM
That makes sense to me. And absolutely on the strong protocols and crypto algorithms.
Thank You so much!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide