05-15-2021 08:38 AM
Hi all.
I am trying to set up remote access VPN from a Windows client to an ASA running 9.12 software.
The requirements I have:
- IPsec with IKEv1
- Certificates from our internal Microsoft CA should be used for authentication
- Windows 10 VPN client should be used
Has anyone been able to set this up?
I got it working with PSK/XAUTH, but no luck with certificates.
Any help would be appreciated!
Cheers
Frank
05-15-2021 09:47 AM
I would avoid all these struggles and directly use AnyConnect.
05-16-2021 03:37 AM
Thanks for the reply - but that wasn´t exactly the answer I was looking for...
05-16-2021 07:13 AM
Yes, I expected that. But you try to implement it in a ways that Cisco abandoned a decade ago. Most people (myself included) have moved on for easier implementation and better security.
05-16-2021 11:54 AM - edited 05-16-2021 11:57 AM
Easier implementation and better security is IMHO highly debateable. When I think about the countless security advisories regarding AnyConnect...
Also I can´t think of easier implementation if you have a working AD.
And then there is the costs. AnyConnect doesn´t come for free.
Just BTW: The Win 10 build-in VPN client would also support IKEv2. But same story - I haven´t found a working configuration anywhere -> which is why I came here (to ask) in the first place
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: