Basic L2L with Digitial Certificates question

Unanswered Question
Apr 12th, 2008
User Badges:

Hi friends,

When setting up a L2L VPN between two peers, if certificate based authentication is required, and if these two peers are from different networks, then i believe that third party CA is the way to go.

Lets say that one VPN peer is a VPN Concentrator and the other end VPN peer is PIX / ASA / IOS Router, then should both these peers acquire identity certificate from same third party CA or can they acquire identity certificates from different third party CA's.

Lets say that VPN Concentrator needs to build a L2L with ASA, can VPN Concentrator have an identity certificate from Verisign and ASA from Baltimore?

Thanks a lot


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
owillins Thu, 04/17/2008 - 13:56
User Badges:
  • Silver, 250 points or more

I think concentrators can authenticate any number of ways identify the certificate and also ASA so you can implement this method


This Discussion