09-02-2020 11:23 AM
I'm trying to setup SCEP enrollment but receiving the following error:
MYFW(config-group-policy)# scep-forwarding-url value http://myscepserver/path/scep.xxx
Attempting to retrieve the CA/RA certificate(s) using the URL. Please wait ...
WARNING: Failed to receive the CA/RA certificate(s) from the CA
I believe that this may be due to the firewall attempting to an interface other than 'management' to connect. Unfortunately, none of my other interfaces have access to http://myscepserver URL.
Is it possible to use the management interface for scep-forwarding-url command?
I could not find a way to do it similarly to how it's possible with many other commands such as:
route management x.x.x.x
name-server x.x.x. management
aaa-server xxx (management)
http x.x.x management
ssh x.x.x management
etc., etc.
Thank you.
Solved! Go to Solution.
09-08-2020 09:04 AM
Hi Roberto,
The issue you are describing will be expected considering CSCvg99811, as the workaround says you should be able to get this working by configuring the interface on which the CA resides as normal, not management-only.
Hope this info helps!!
Rate if helps you!!
-JP-
09-08-2020 09:04 AM
Hi Roberto,
The issue you are describing will be expected considering CSCvg99811, as the workaround says you should be able to get this working by configuring the interface on which the CA resides as normal, not management-only.
Hope this info helps!!
Rate if helps you!!
-JP-
09-08-2020 10:40 AM
Thank you. I could not find that bug in my searches.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: