Hi all, I believe the 3 authentication methods in a Site-Site VPN are PSK, PKI and RSA-sig. But I am not very clear about how different PKI and RSA Sig mechanisms are from each other. So can someone please explain the difference between same?
Solved! Go to Solution.
A Site-to-Site VPN can use either PSK or certificates to authenticate. A certificate is either rsa-sig or ecsda-sig (Suite-B NGE) they are issued by a PKI (aka Certificate Authority). You need a PKI (Public Key Infrastruture) in order to distribute the certificates to use for certificate authentication.