
Client VPN & certificate revocation.

johnleeee
Level 1

Hi all,

I'd like to talk about our issue. We have created a client VPN to our network (using a PIX with PIXOS 8.0). Authentication is through certificates. The problem is that when we revoke a user's certificate in the CA, he/she can still connect to the network. We use Microsoft CA. The users' certificates are in the revocation list (no problem), but the PIX has no idea whether a certificate is OK or revoked.

Any idea?

BR

jl

1 Reply

ivillegas
Level 6

The CA requires that both IPSec peers transact with a Registration Authority (RA), which then forwards the requests through to the CA. Both the remote IPSec peer and the local IPSec peer must be configured with both the CA and RA public keys. The CA and RA public keys are signature and encryption key pairs, which must be generated and enrolled for authentication to occur.