cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
811
Views
0
Helpful
5
Replies

Authentication with Machine certificate

Hello, 

 

I have anyconnect VPN and I would like to set up a profile that performs authentication with AD credentials and machine certificate.

With AD credentials I am ok.

I am not sure about the certificate.  How can I use the machine certificate and not user certificate?

 

Thanks and regards, 

Konstantinos

5 Replies 5

balaji.bandi
Hall of Fame
Hall of Fame

Hello All,

I found this link about client profile
https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect40/administration/guide/b_AnyConnect_Administrator_Guide_4-0/anyconnect-profile-editor.html#ID-1430-00000061

This is where you can choose the kind of certificate it will check.
When I will implement it, I will inform.

Regards,
Konstantinos

Sure that is for any connect side, you also need a certificate mapped at ASA side for the group or profiles.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hello BB,

I am not sure what you mean?
I will tell the ASA to check the machine certificate of the client who wants to connect.
If ASA trusts the certificate, I do not need sth else, right?

Regards,
Konstantinos

Sure as long ASA trust that certificate that should be good. The second auth will be AD or multifactor authentication.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help