Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
786
Views
0
Helpful
1
Replies

IPSEC VPN with machine AND user certificate

dcoghlan
Level 1
Level 1

‎07-02-2008 06:59 PM - edited ‎02-21-2020 03:48 PM

Was wondering if anyone could shed any light on a situation I have.

We want to authenticate a machine connecting to our VPN infrastructure using a machine certificate AND authenticate the user with a separate user certificate (whether its stored locally or on some sort or token or smartcard) so that the logon process is seamless for the user, but we know the user is valid AND they are using a company machine.

From my testing in the lab, it looks like the Cisco VPN client can only use a single certificate.

I believe I can use the Microsoft VPN client (L2TP/IPSEC) to use both a machine and user cert, but this means I loose the ability to tunnel IPSEC through TCP which is a requirement.

Can someone please let me know if this can be done with the Cisco VPN client.

Labels:
0 Helpful
1 Reply 1

didyap
Level 6
Level 6

‎07-08-2008 10:43 AM

Here is the URL for the VPN Client IPSec Authentication Using Digital Certificates with Microsoft CA Configuration Example which will help you :

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080930f21.shtml

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents