Using Cisco IOS PKI for Authenticating Remote-Access VPNs.

Unanswered Question
Jul 22nd, 2008
User Badges:

Hi all,

Can someone please direct me to documentation on how can I use the internal CA of my Cisco router to produce "end-user certificates" which can be used (later on) as credentials for a VPN connection to this router?


1. I need some strong authentication method for my remote-access VPN users. Naturally, certificates will do the trick.

2. Because I don't have (at this point) a dedicated PKI server, I decided to use the IOS capabilities of being a PKI server (CA).

3. Is it possible to generate a certificate by the means of Cisco IOS software, copy the results (hopefully, a PKCS#12 file for each user) to a TFTP and eventually authenticate to the box with it?

Thanks in advance,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion