Client VPN & certificate revocation.

Aug 22nd, 2007

Hi all,

I'd like to talk about our issue. We have created a client VPN to our network (using a PIX with PIXOS 8.0). Authentication is through certificates. The problem is that when we revoke a user's certificate in the CA, he/she can still connect to the network. We use Microsoft CA. The users' certificates are in the revocation list (no problem), but the PIX has no idea whether a certificate is OK or revoked.

Any idea?



ivillegas Tue, 08/28/2007 - 08:21

The CA requires that both IPSec peers transact with a Registration Authority (RA), which then forwards the requests through to the CA. Both the remote IPSec peer and the local IPSec peer must be configured with both the CA and RA public keys. The CA and RA public keys are signature and encryption key pairs, which must be generated and enrolled for authentication to occur.

