We have been working on getting our routers to bring up a DMVPN using a Microsoft CA and Active Directory CRL. If we configure the routers to by-pass the CRL revocation check it will come up (revocation-check crl none). If we require the CRL which is stored in Active Directory it fails every time (revocation-check crl).
Has anyone been able to use a Active Directory CRL LDAP URL?
Thanks for the help in advanced!