DMVPN with digital ceritificates and Hub acts as CA server

Answered Question
Jan 22nd, 2009
User Badges:

Hello guys,

is there anyway to configure DMVPN with digital certificates and make the Hub router to act as a Certificate Authority server?

Thanks

Correct Answer by Ivan Martinon about 8 years 6 months ago

Yes, you can do that, go ahead and configure your Hub router with the normal DMVPN setup so that it becomes the HUB. After you have done that follow the link below to add PKI server features:


http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt_ioscs.html


And to enroll the spokes to the hub use this link:


http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080210cdc.shtml


Remember that regardless of the Hub router being the CA authority, you need to enroll it to himself to allow IKE PKI authentication.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Ivan Martinon Fri, 01/23/2009 - 09:47
User Badges:
  • Cisco Employee,

Yes, you can do that, go ahead and configure your Hub router with the normal DMVPN setup so that it becomes the HUB. After you have done that follow the link below to add PKI server features:


http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt_ioscs.html


And to enroll the spokes to the hub use this link:


http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080210cdc.shtml


Remember that regardless of the Hub router being the CA authority, you need to enroll it to himself to allow IKE PKI authentication.

Actions

This Discussion