cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
442
Views
0
Helpful
2
Replies
Robert Cervantez
Beginner

ASA SCEP Enrollment - Management Interface?

I'm trying to setup SCEP enrollment but receiving the following error:

 

MYFW(config-group-policy)# scep-forwarding-url value http://myscepserver/path/scep.xxx

Attempting to retrieve the CA/RA certificate(s) using the URL. Please wait ...
WARNING: Failed to receive the CA/RA certificate(s) from the CA

 

I believe that this may be due to the firewall attempting to an interface other than 'management' to connect.  Unfortunately, none of my other interfaces have access to http://myscepserver URL.

 

Is it possible to use the management interface for scep-forwarding-url command?

 

I could not find a way to do it similarly to how it's possible with many other commands such as:

route management x.x.x.x

name-server x.x.x. management

aaa-server xxx (management)

http x.x.x management

ssh x.x.x management

etc., etc.

 

Thank you.

1 ACCEPTED SOLUTION

Accepted Solutions
JP Miranda Z
Cisco Employee

Hi Roberto,

 

The issue you are describing will be expected considering CSCvg99811, as the workaround says you should be able to get this working by configuring the interface on which the CA resides as normal, not management-only.

 

Hope this info helps!!

 

Rate if helps you!! 

 

-JP- 

View solution in original post

2 REPLIES 2
JP Miranda Z
Cisco Employee

Hi Roberto,

 

The issue you are describing will be expected considering CSCvg99811, as the workaround says you should be able to get this working by configuring the interface on which the CA resides as normal, not management-only.

 

Hope this info helps!!

 

Rate if helps you!! 

 

-JP- 

View solution in original post

Thank you.  I could not find that bug in my searches.

Content for Community-Ad