Hi All,
I am building a site-to-site VPN using Microsoft CA. One end is Cisco 2811 router and the other end is PIX 6.3(4). The Microsoft CA is the Sub-CA with a 4096 bit root cert. I use SCEP to obtain certificate. It's work on the 2811 router but failed on the PIX.
ca generate rsa key 1024
ca identity dsisca1 192.168.5.208:/certsrv/mscep/mscep.dll
ca configure dsisca1 ra 1 20 crl
ca authen dsisca1
and it couldn't be authenticated successfully.
Attached is the debug crypto ca message, is there any limitation on the PIX?
Thanks in advance!!