ASA SSL VPN Client Certificate Help

Unanswered Question
Sep 13th, 2007

I'm currently trying to get my ASA 5540 (7.22) to support client certificate authenticated (in addition to AAA) for the SSL VPN client. I have no existing PKI infrastructure, so I'm trying to figure out if the ASA can do standalone client certificate authentication.

I know enabling certificate authentication is as easy as enabling it on the interface, but is there any way to tell the ASA to authorize all certs with CN of

So, I'm basically looking for a way to install certificates on client machines and then have the ASA authenticate those users without having any sort of independent revocation list.

I've been reading the following articles:

Also, I haven't checked to see if this is possible with 8.0, so I'm off to read those docs.

Any help would be greatly appreciated.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion