Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1266
Views
0
Helpful
1
Replies

Setting up Remote Access VPN using third party certificate.

gchevalley
Level 1
Level 1

‎11-07-2013 09:21 AM - edited ‎02-21-2020 07:18 PM

We currently have a couple of remote access VPN's using pre-shared keys but need to transition those to using certificates in the near future.  User authentication is provided by RSA tokens.  We have 5510 ASA at another location that I am using as a test bed to configure a remote access VPN using a third party certificate.  We purchased an identity certificate for the ASA from GoDaddy and have installed both the identity certificate and the root CA cert on the ASA.  The question now is how to setup the Cisco VPN Client.  Do we need to purchase seperate certificates for each of the remote clients?  Will it work using the same certificate on several different clients?  Is there a way to do this without having to purchase third party certificates?

Labels:
0 Helpful
1 Reply 1

Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎11-09-2013 01:15 AM

For SSLVPN and HTTPS in general it's best to have a certificates with from one of the big PKI providers.

For IPsec however it is not required. You can have both ASA and user certificates provided by an internal CA (windows CA, openCA, ejbca, etc...)

There is a basic configuration example:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080930f21.shtml

It might not be EXACTLY what you're looking for but should get you started.

0 Helpful
Customers Also Viewed These Support Documents