03-17-2021 06:57 AM
So I'm building a VPN to a Checkpoint harmony solution and have been given a suggested configuration from Harmony.
The config I'm supposed to enter has a FQDN address as peer and any as remote network. The problem right now is that the ASA5545(version9.1(7.23)) do not accept the peer FQDN as it replies 'unrecognized command' ..
I've entered the 'crypto isakmp identity hostname' command.
Anyone who has a decent guide for setting up VPN to checkpoint Harmony?
Solved! Go to Solution.
03-17-2021 07:31 AM - edited 03-17-2021 07:45 AM
Use the crypto isakmp identity command with the auto keyword to configure the identity to be automatically determined from the connection type. For example:
hostname(config)# crypto isakmp identity auto
Note If you use the crypto isakmp identity auto command, you must be sure that the DN attribute order in the client certificate is CN, OU, O, C, St, L.
Just a side note why dont you upgrade you ASA code 9.1(7.23) is old code with vulnerabitliy consider upgrading the software on ASA.
03-17-2021 07:31 AM - edited 03-17-2021 07:45 AM
Use the crypto isakmp identity command with the auto keyword to configure the identity to be automatically determined from the connection type. For example:
hostname(config)# crypto isakmp identity auto
Note If you use the crypto isakmp identity auto command, you must be sure that the DN attribute order in the client certificate is CN, OU, O, C, St, L.
Just a side note why dont you upgrade you ASA code 9.1(7.23) is old code with vulnerabitliy consider upgrading the software on ASA.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide