cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
400
Views
0
Helpful
1
Replies

ASA SSL-VPN problem using certificate and load balancing

gabrieleferrari
Level 1
Level 1

Hi,

i'm trying to implement VPN access with SSL-VPN and load balancing between 2 ASA.

After i've performed the configuration for WebVPN and load balancing between ASA all works ok, but there are 2 warnings in the Certificate Security Alert Form.

The first warning is due to the use of selfsigned Certificate, the second warning is due to a mismatch between the real ip address of the appliance and the virtual ip address for the load balance.

Now, the goal is to remove this 2 warnings.

The first workaround that i've found is to configure multiple CN in the certificate (3 in my environment).

Using this method i've removed the second warning.

For remove the first warning i've think to use a Verisign's certificate, but they do not support multiple CN in the certificate.

Anyone have an idea for a possible solution or workaround to this problem?

In attach the asa configuration.

Thank you for your assistance and availability

1 Reply 1

thomas.chen
Level 6
Level 6

I suggest you contact Verisign to generate CRL's for the incorrect certificates