02-03-2010 04:27 AM
Hi there,
we setup a VPN Server from the CCA. We used the default Security -> VPN Server path. We then exported the VPN Profile to a PCF file.
The Cisco VPN client works fine on 32bits operating systems.
How do we set this up on Vista and Windows 7? The Client installer says '64 bits not supported'
The Cisco AnyConnect VPN client has no option to import a PCF file. And the manual says it does not support IPSec/UDP.
What are we to do?
Eljakim
02-03-2010 08:35 AM
So went also installed SSL VPN. Which works okay, except for all the certificate warnings, and it doesn't work on mac Safari clients...
Does anyone know where we can install a certificate from the CCA?
If only PPTP were supported from the CCA. Or a SSLVPN client for 64bits were supported...
02-05-2010 06:32 AM
One more issue:
you can setup websites from the internet that can be used from the outside after logging on from the Cisco web interface, but without actually setting up the VPN.
This is a nice feature. It works fine for non-secure (http) websites. However, we also a https site on the inside with a self-signed certificate (iomega storage device). This device cannot be accessed this way.
So two questions remain (I've given up on the Mac issue):
* how do we install a new certificate for the SR520 from the CCA
* how do we get https websites to work
02-10-2010 07:22 AM
We still have been unable to figure this out.
Anybody?
02-12-2010 03:01 PM
Working on this. Let me see if this can be done in CCA currently or not. If not, I will post something on how to add the cert manually. Once added manually, this should work without issue. What version of IOS are you running?
There is an enhancement in to disable certificate verification of the sites that are going through this.
CSCsy05978: ENH: IOS PKI should have a option to disable certificate validation
Let me see what I can do on this.
02-19-2010 12:04 PM
SR520#show version;
Cisco IOS Software, SR520 Software (SR520-ADVIPSERVICESK9-M), Version 12.4(24)T, RELEASE SOFTWARE (fc1)
02-19-2010 03:37 PM
Here is what you can try.
Router(config)# crypto ca trustpoint
Router(config)# crypto ca authenticate
The router will then prompt you to paste in the CA certificate associated with the HTTPS site. This is going to be the CA cert in base64 (ascii) format.
Let me know if that works for you.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide