11-05-2008 07:41 AM
Hi,
I need to set-up a lan-to-lan VPN with a Concentrator, with a 5520 ASA at the remote end. Instead of using a pre-shared key like we normally would, we have been asked by the remote end to get a certificate from Verisign.
I have researched the process for this but am still not entirely clear. As I understand, we will need to install a (free) root certificate on the concentrator, then;
1. Generate an identity certificate enroll request (PKCS10?)
2. Make a copy of the request text then send this to Verisign to complete the identity certifcate enrollment process (PKCS #7?)
Could anyone confirm - is this the correct procedure?
Also, Verisign themselves say that we need an SSL certificate for this which I believe is wrong? I thought it was just a digital identity certificate.
Thanks in advance.
11-06-2008 06:59 AM
Further to this, I have a list of root certs I downloaded from Verisign. Can I install all these (as I dont know which one is needed) - will it cause any problems on the concentrator?
Thanks
11-11-2008 08:04 AM
Hi,
Still unsure on this - would be very grateful if anyone could be of help?
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide