03-26-2009 04:43 AM
Dudes,
Is it possible to use self signed certificates for IPSec VPN?, I do not want to use preshared keys and third party CA for authentication.
If yes how do we do that.
Many thanks,
Rajesh
03-26-2009 06:32 AM
yes it is - see the below config example:-
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080930f21.shtml
03-26-2009 08:24 AM
I have seen that, It involves third party CA servers, I do not want to inlvolve CA's like Microsoft, Verisign, etc,
Thanks,
Rajesh
03-26-2009 08:50 AM
Wel - you need to generate the CSR, then you need a cert auth to validate the CSR. You cannot do this without a CA - the other options are in Unix/Linux - they can also sign/generate CSR's.
The Cisco ASA will not generate and sign certs for people/devices other than itself.
HTH>
03-26-2009 09:49 AM
Andrew,
My requirement is to establish VPN tunnel between two Cisco routers with self signed certicates, i.e wanted to replace pre-shared keys with the certificates signed by router itself.
Is that possible on cisco routers?
Thanks,
Rajesh
03-26-2009 12:53 PM
03-27-2009 10:02 AM
it looks matching my requirement, let me try this config, keep you posted the outcome.
Thamks,
Rajesh
03-26-2009 12:54 PM
03-26-2009 12:54 PM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: