I have a quesion concerning, the set up of VPN IPSEC using certificate for authentication not pre-shared key. The situation is that you have generated a rsa key, then a csr, which has been signed by a CA. You have installed the root and identity on the device, your VPN tunnel is fine. I would like to know, if the rsa key used to create the certificate is destroyed by generating a new key ( this also destroy the identity certificate, but imagine that you imported the identity certificate, does this will work, or is it necessary to go through the all process ( csr, signing by CA ..... ).
Thanks for your help.