Solved: DMVPN with digital ceritificates and Hub acts as CA server

Mustafa Al Housami · ‎01-22-2009

Hello guys,

is there anyway to configure DMVPN with digital certificates and make the Hub router to act as a Certificate Authority server?

Thanks

Ivan Martinon · ‎01-23-2009

Yes, you can do that, go ahead and configure your Hub router with the normal DMVPN setup so that it becomes the HUB. After you have done that follow the link below to add PKI server features:

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt_ioscs.html

And to enroll the spokes to the hub use this link:

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080210cdc.shtml

Remember that regardless of the Hub router being the CA authority, you need to enroll it to himself to allow IKE PKI authentication.

View solution in original post

Ivan Martinon · ‎01-23-2009

Yes, you can do that, go ahead and configure your Hub router with the normal DMVPN setup so that it becomes the HUB. After you have done that follow the link below to add PKI server features:

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt_ioscs.html

And to enroll the spokes to the hub use this link:

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080210cdc.shtml

Remember that regardless of the Hub router being the CA authority, you need to enroll it to himself to allow IKE PKI authentication.

Mustafa Al Housami · ‎01-26-2009

Hello,

it worked as expected

Thank you for your assistance

:)