
ASA with redundant internet connections

filip00011
Level 1

Situation:

I have an ASA 5506 with a dual internet connection. It all works.

Problem: I need a certificate for AnyConnect on both outside interfaces.

They need different FQDNs.

As far as I know, the ASA can have only one hostname. Can I achieve this?

Check the picture!

2 Replies

The name(s) in the certificate is completely independent of the ASA hostname. You just have to:

  • Pick two public FQDNs for the VPN
  • Get a certificate with these two FQDNs
  • Configure these two FQDNs to point to your public IPs in DNS
  • Add the certificate to the ASA and configure both outside interfaces to use this certificate

Adding to what @Karsten Iwen said, in certificate terminology the additional Fully-Qualified Domain Names (FQDNs) associated with a certificate are known as Subject Alternative Names (SANs).

 

Some Certificate Authorities (CAs) refer to certificates with multiple SANs as "UC" certificates due to them being used historically with Unified Communications systems.
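
The certificate request described in the replies above, as an added example that is not part of the original thread: it builds a CSR carrying both VPN names as SANs with OpenSSL and checks that both are present before the request goes to the CA. The FQDNs `vpn1.example.com` and `vpn2.example.com`, the file names and the function names are constructed placeholders, and generating the request off-box with OpenSSL is an assumption.

```bash
#!/usr/bin/env bash
# Added example. FQDNs, file names and function names are constructed placeholders.
FQDN1="vpn1.example.com"   # DNS name pointing at the first outside interface
FQDN2="vpn2.example.com"   # DNS name pointing at the second outside interface

# Generate a private key and a CSR that lists both FQDNs as SANs.
# $1 = existing directory to write req.cnf, vpn.key and vpn.csr into
make_csr() {
  local dir="$1"
  cat > "$dir/req.cnf" <<EOF
[req]
distinguished_name = dn
req_extensions = v3_req
prompt = no
[dn]
CN = $FQDN1
[v3_req]
subjectAltName = DNS:$FQDN1,DNS:$FQDN2
EOF
  openssl req -new -newkey rsa:2048 -nodes \
    -keyout "$dir/vpn.key" -out "$dir/vpn.csr" \
    -config "$dir/req.cnf" 2>/dev/null
}

# Print the DNS SAN entries of a CSR, one per line.
csr_sans() {
  openssl req -in "$1" -noout -text | grep -o 'DNS:[^, ]*' | sed 's/^DNS://'
}

# Return 0 only if every required name is an exact SAN entry in the CSR.
# $1 = CSR file, remaining arguments = FQDNs that must be covered
csr_covers() {
  local csr="$1" sans name
  shift
  sans="$(csr_sans "$csr")"
  for name in "$@"; do
    if ! printf '%s\n' "$sans" | grep -qxF -- "$name"; then
      echo "missing SAN: $name" >&2
      return 1
    fi
  done
}

# Usage: d=$(mktemp -d); make_csr "$d" && csr_covers "$d/vpn.csr" "$FQDN1" "$FQDN2"
```

Once the issued certificate is imported into a trustpoint, it is bound to each outside interface on the ASA with `ssl trust-point <trustpoint> <interface>`, run once per interface.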