ASA - WebVPN - Authentication with client certificate

Unanswered Question
Jun 11th, 2007
User Badges:

Has anyone managed to authenticate with certificates to ASA for WebVPN ?


I configured


tunnel-group DefaultWEBVPNGroup webvpn-attributes

authentication certificate


but still getting the error message


Group <DefaultWEBVPNgroup> User <...> IP <...> Authentication:rejected, Session Type: WebVPN



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (2 ratings)
Loading.
cscherb Fri, 06/15/2007 - 11:17
User Badges:

I was able to use digital certificates with WebVPN using the folowing configuration:


tunnel-group DefaultWEBVPNGroup general-attributes

authorization-server-group LOCAL

authorization-required

authorization-dn-attributes CN

tunnel-group DefaultWEBVPNGroup webvpn-attributes

authentication certificate


In addition to this configuration I had to add alle CN values of certificates which are allowed to establish a WebVPN session to the local database.

Actions

This Discussion