Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
628
Views
0
Helpful
2
Replies

Using Local CA Server on ASA

Kevin Melton
Level 2
Level 2

‎02-01-2013 02:34 PM

Forum

I have an IT client whom up until recently was using Group Authentication for their IPsec VPN's.

Recenly they are having to switch to using Certificates.

I would like to create a Certificate on the ASA (we are running 8.4.3.

is it possible to create the Certificate on the ASA, then have workstations/laptops use the CA that the ASA creates to be used as the certificate in their Cisco VPN client?

Thank You.                  

Labels:
0 Helpful
2 Replies 2

JORGE RODRIGUEZ
Level 10
Level 10

‎02-03-2013 06:43 PM

Hi Kevin,   as far as I know  yes  it is possible  to use ASA as local CA authority also for ra vpn clients.

Reference bellow link documentation regarding digital certificates - including local CA.

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/access_certs.htm

You can use this link IPsec Client VPN as a guide( same concept )  for installing the certificates on  RA vpn clients 

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080930f21.shtml

Regards

Jorge Rodriguez
0 Helpful

harshisi_2
Level 1
Level 1

‎02-04-2013 09:47 AM

Hi Kevin,

I belive the local CA server can only be used for SSL vpn clients not IPSEC. You may wana look into creating a standalone microsoft CA to achieve the required results.

Regards,

~Harry

0 Helpful
Customers Also Viewed These Support Documents