01-18-2012 08:39 AM - edited 02-21-2020 05:49 PM
Hi,
Is there a way I can configure a remote access VPN on a Cisco 5505 using digital certs instead of pre-shared key. I dont want to use a 3rd party CA, can the ASA perform this role? with a self signed cert?
Thanks
01-18-2012 08:48 AM
Have a look a the below
http://www.cisco.com/en/US/products/ps6120/prod_configuration_examples_list.html
01-18-2012 08:49 AM
Both RA RSA examples involve using a MS CA?
01-18-2012 08:53 AM
Yes - and they are examples to give you an idea on which direction you need to go in. And I am pretty sure someone has either done or close to what you want to do - use your favorite search engine and have a look?!
01-18-2012 08:55 AM
I have read those articles and no they dont help, hence specifying using the ASA. and yes I am looking for the answer on an SE
01-18-2012 09:00 AM
So you looked at all the config examples??
So you want to use VPN with Digital Certs - but with a self signed cert on the ASA....
1) How to on digital certs
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080930f21.shtml
So you just ignore the bit about the MS CA
2) How to on createing the self signed cert of the ASA
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808efbd2.shtml
So you ignore everything about the AnyConnect config
Fo the client certs - you are on your own there!!!
01-18-2012 09:01 AM
Here is a link, below from Cisco, will help you with the config and it is a quite a mouthful.
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080930f21.shtml
Thanks
Rizwan Rafeek
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: