Re: PIX IPSEC VPN and Microsoft CA

sapao · ‎05-09-2001

We need to put to work an access-VPN (remote clients to PIX firewall) with a Microsoft CA. We already have a Microsoft CA working with a Web-based application and would like to use the same CA for the VPN but we do not want to have users being able to mess up by using certificates issued for web access with the VPN. We know that Microsoft CA can generate certificates with flags that indicate suitable uses for the certificate (web access, VPN, etc) in addition to specifying signature/encryption only certificates.

Our question is: will Cisco VPN clients and the PIX firewall understand the flags that specify that the certificate should only be used for VPN or web access?

k.poplitz · ‎05-15-2001

That sounds like a Microsoft proprietary feature. Have you had the chance to test it yet?

PIX IPSEC VPN and Microsoft CA

Cisco ISE and Microsoft Windows Autopilot

Catalyst SD-WAN : Generic SIGを用いたSecure AccessとのIPsec VPNの確立

Implemention of IPsec VPNs

Cisco ISE with Microsoft Cloud PKI

C841M IPsec VPN 設定例