Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
498
Views
0
Helpful
2
Replies

ASA Identity Certificate best practices

Go to solution
kajumblies15
Level 1
Level 1

‎09-16-2021 05:42 AM

Does anyone know what the best practices are for Identity certificates on the cisco ASA. 

Specifically if I cut a cert for Remote Access VPN is it ok to use that same cert for the management interface?

What is Cisco's recommendation here?

 

Thank You

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎09-16-2021 07:13 AM

@kajumblies15 

In my opinion if the client computer trusts the certificate then you can use it for RAVPN and on the management interface. You should also  ensure is that you are using the strongest protocols TLS/DTLS 1.2 (so disable TLS 1.0 and 1.1) and ensure you are using the stongest crytpo algorithms.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Rob Ingram
VIP
VIP

‎09-16-2021 07:13 AM

@kajumblies15 

In my opinion if the client computer trusts the certificate then you can use it for RAVPN and on the management interface. You should also  ensure is that you are using the strongest protocols TLS/DTLS 1.2 (so disable TLS 1.0 and 1.1) and ensure you are using the stongest crytpo algorithms.

0 Helpful

Go to solution
kajumblies15
Level 1
Level 1
In response to Rob Ingram

‎09-16-2021 07:16 AM

@Rob Ingram 

That makes sense to me. And absolutely on the strong protocols and crypto algorithms. 

Thank You so much!!

0 Helpful
Customers Also Viewed These Support Documents