I have some basic questions regarding ISAKMP Certificate based authentication between
cisco routers. Specifically when two peers exchange certificates during the authentication
phase and establish the fact that these come from a mutually trusted Authority, do they perform any
Do they verify that the identity provided by the peer is also the one encoded in the subject
of the certificate that was provided by this peer? (like in SSL where the URL of the server
must be encoded in the subject of the certificate)
Or just the fact the certificate comes from a trusted Authority is considered enough and
the authetication is successful regardless of the identity supplied by the peer???
Can anyone provide some link describing the mechanism used certificate-based authentication
for isakmp in cisco-routers?
Any help is wellcomed