DMVPN with digital ceritificates and Hub acts as CA server

Answered Question
Jan 22nd, 2009

Hello guys,

is there anyway to configure DMVPN with digital certificates and make the Hub router to act as a Certificate Authority server?

Thanks

I have this problem too.
0 votes
Correct Answer by Ivan Martinon about 7 years 10 months ago

Yes, you can do that, go ahead and configure your Hub router with the normal DMVPN setup so that it becomes the HUB. After you have done that follow the link below to add PKI server features:

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt_ioscs.html

And to enroll the spokes to the hub use this link:

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080210cdc.shtml

Remember that regardless of the Hub router being the CA authority, you need to enroll it to himself to allow IKE PKI authentication.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Ivan Martinon Fri, 01/23/2009 - 09:47

Yes, you can do that, go ahead and configure your Hub router with the normal DMVPN setup so that it becomes the HUB. After you have done that follow the link below to add PKI server features:

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt_ioscs.html

And to enroll the spokes to the hub use this link:

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080210cdc.shtml

Remember that regardless of the Hub router being the CA authority, you need to enroll it to himself to allow IKE PKI authentication.

Actions

This Discussion