11-05-2008 07:41 AM
Hi,
I need to set-up a lan-to-lan VPN with a Concentrator, with a 5520 ASA at the remote end. Instead of using a pre-shared key like we normally would, we have been asked by the remote end to get a certificate from Verisign.
I have researched the process for this but am still not entirely clear. As I understand, we will need to install a (free) root certificate on the concentrator, then;
1. Generate an identity certificate enroll request (PKCS10?)
2. Make a copy of the request text then send this to Verisign to complete the identity certifcate enrollment process (PKCS #7?)
Could anyone confirm - is this the correct procedure?
Also, Verisign themselves say that we need an SSL certificate for this which I believe is wrong? I thought it was just a digital identity certificate.
Thanks in advance.
11-06-2008 06:59 AM
Further to this, I have a list of root certs I downloaded from Verisign. Can I install all these (as I dont know which one is needed) - will it cause any problems on the concentrator?
Thanks
11-11-2008 08:04 AM
Hi,
Still unsure on this - would be very grateful if anyone could be of help?
Thanks
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: