Hi all,
We have VPN IPSec tunnels on cisco routers between Remote/Central sites. I'd like to replace the old 2811 by 29xx on the remote sites.
So I did export/import RSA key for the certificate as follows:
On 2811:
# crypto pki export xxx pkcs12 terminal xxx
On 29xx:
# crypto pki import xxx pkcs12 terminal xxx
But the IPSec tunnel didn't go up, it stayed in MM mode giving "Bad certificate" message in the log.
I ckecked and compared the RSA key and certificate between these routers; they are the same in characters.
Do you have any idea? Where is the problem ?
Thanks for your answer.
Regards,
hdam