
Wildcard Cert for ASAs in failover providing SSL VPN

jgibb
Level 1

I have a pair of ASAs in failover configuration providing VPN load-balancing. I'd like to use a cert for the inbound requests and would like to know if I can use a wildcard cert for all devices or do I need to get individual certs per device and one for the load-balancing IP.

6 Replies

Ivan Martinon
Level 7

If you have a load-balance setup, which is not the same as failover, you will need 3 certs: 1 for the load-balance IP address or FQDN, which will be contained on both ASA devices, and one certificate per box. Pretty much your formula will be #Certs = N+1, where N is the total number of ASAs that you have.

Thanks. So basically vpn.domain.com and then vpn1.domain.com and vpn2.domain.com.

-Jake

jgibb
Level 1

This is a test.

jgibb
Level 1

This is another test.

jgibb
Level 1

Three for good luck.

Jason Gervia
Cisco Employee

You have 3 options:

1) 3 certificates (1 for vpn1, vpn2, and vpn)

2) a wild card certificate

3) a UCC certificate with 3 SANs (vpn, vpn1, vpn2)
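Added example (not part of the thread or any poster's reply): a small Python check of which names each certificate option from the replies above covers on each load-balancing member, using the hostnames mentioned in the thread. The device labels `asa1`/`asa2`, the mapping of vpn1/vpn2 to them, and the last "gap" layout are assumptions constructed for illustration.

```python
def san_matches(pattern: str, host: str) -> bool:
    """RFC 6125-style match: '*' is honoured only as the entire leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False              # a wildcard never spans more than one label
    if p[0] == "*":
        # refuse overly broad patterns such as '*.com' (conservative choice here)
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h

def uncovered(installed, required):
    """installed: {device: [SAN list of each installed cert]}
    required:  {device: [hostnames clients use to reach that device]}
    Returns {device: [hostnames that no installed cert covers]}."""
    gaps = {}
    for dev, names in required.items():
        sans = [s for cert in installed.get(dev, []) for s in cert]
        missing = [n for n in names if not any(san_matches(s, n) for s in sans)]
        if missing:
            gaps[dev] = missing
    return gaps

VPN, VPN1, VPN2 = "vpn.domain.com", "vpn1.domain.com", "vpn2.domain.com"

# Each member answers for the shared load-balancing name and its own name.
REQUIRED = {"asa1": [VPN, VPN1], "asa2": [VPN, VPN2]}

OPTIONS = {
    "3 certificates":     {"asa1": [[VPN], [VPN1]], "asa2": [[VPN], [VPN2]]},
    "wildcard":           {"asa1": [["*.domain.com"]], "asa2": [["*.domain.com"]]},
    "UCC with 3 SANs":    {"asa1": [[VPN, VPN1, VPN2]], "asa2": [[VPN, VPN1, VPN2]]},
    # constructed gap: per-device certs only, shared name forgotten
    "device certs only":  {"asa1": [[VPN1]], "asa2": [[VPN2]]},
}

if __name__ == "__main__":
    for name, installed in OPTIONS.items():
        gaps = uncovered(installed, REQUIRED)
        print(f"{name:18} ->", "all names covered" if not gaps else f"missing {gaps}")
```

A wildcard SAN covers exactly one label, so `*.domain.com` matches all three names here but would not match a deeper name such as `portal.vpn.domain.com` or the bare `domain.com`.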
