09-02-2020 11:23 AM
I'm trying to setup SCEP enrollment but receiving the following error:
MYFW(config-group-policy)# scep-forwarding-url value http://myscepserver/path/scep.xxx
Attempting to retrieve the CA/RA certificate(s) using the URL. Please wait ...
WARNING: Failed to receive the CA/RA certificate(s) from the CA
I believe that this may be due to the firewall attempting to an interface other than 'management' to connect. Unfortunately, none of my other interfaces have access to http://myscepserver URL.
Is it possible to use the management interface for scep-forwarding-url command?
I could not find a way to do it similarly to how it's possible with many other commands such as:
route management x.x.x.x
name-server x.x.x. management
aaa-server xxx (management)
http x.x.x management
ssh x.x.x management
etc., etc.
Thank you.
Solved! Go to Solution.
09-08-2020 09:04 AM
Hi Roberto,
The issue you are describing will be expected considering CSCvg99811, as the workaround says you should be able to get this working by configuring the interface on which the CA resides as normal, not management-only.
Hope this info helps!!
Rate if helps you!!
-JP-
09-08-2020 09:04 AM
Hi Roberto,
The issue you are describing will be expected considering CSCvg99811, as the workaround says you should be able to get this working by configuring the interface on which the CA resides as normal, not management-only.
Hope this info helps!!
Rate if helps you!!
-JP-
09-08-2020 10:40 AM
Thank you. I could not find that bug in my searches.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide