cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
631
Views
0
Helpful
1
Replies

PIX IPSEC VPN and Microsoft CA

sapao
Level 1
Level 1

We need to put to work an access-VPN (remote clients to PIX firewall) with a Microsoft CA. We already have a Microsoft CA working with a Web-based application and would like to use the same CA for the VPN but we do not want to have users being able to mess up by using certificates issued for web access with the VPN. We know that Microsoft CA can generate certificates with flags that indicate suitable uses for the certificate (web access, VPN, etc) in addition to specifying signature/encryption only certificates.

Our question is: will Cisco VPN clients and the PIX firewall understand the flags that specify that the certificate should only be used for VPN or web access?

1 Reply 1

k.poplitz
Level 3
Level 3

That sounds like a Microsoft proprietary feature. Have you had the chance to test it yet?