Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2215
Views
0
Helpful
6
Replies

SR520 VPN Server Vista

eljakimit
Level 1
Level 1

‎02-03-2010 04:27 AM

Hi there,

we setup a VPN Server from the CCA. We used the default Security -> VPN Server path. We then exported the VPN Profile to a PCF file.

The Cisco VPN client works fine on 32bits operating systems.

How do we set this up on Vista and Windows 7? The Client installer says '64 bits not supported'

The Cisco AnyConnect VPN client has no option to import a PCF file. And the manual says it does not support IPSec/UDP.

What are we to do?

Eljakim

Labels:
0 Helpful
6 Replies 6

eljakimit
Level 1
Level 1

‎02-03-2010 08:35 AM

So went also installed SSL VPN. Which works okay, except for all the certificate warnings, and it doesn't work on mac Safari clients...

Does anyone know where we can install a certificate from the CCA?

If only PPTP were supported from the CCA. Or a SSLVPN client for 64bits were supported...

0 Helpful

eljakimit
Level 1
Level 1
In response to eljakimit

‎02-05-2010 06:32 AM

One more issue:

you can setup websites from the internet that can be used from the outside after logging on from the Cisco web interface, but without actually setting up the VPN.

This is a nice feature. It works fine for non-secure (http) websites. However, we also a https site on the inside with a self-signed certificate (iomega storage device). This device cannot be accessed this way.

So two questions remain (I've given up on the Mac issue):

* how do we install a new certificate for the SR520 from the CCA

* how do we get https websites to work

0 Helpful

eljakimit
Level 1
Level 1
In response to eljakimit

‎02-10-2010 07:22 AM

We still have been unable to figure this out.

Anybody?

0 Helpful

Steven Smith
Level 7
Level 7
In response to eljakimit

‎02-12-2010 03:01 PM

Working on this.  Let me see if this can be done in CCA currently or not.  If not, I will post something on how to add the cert manually.  Once added manually, this should work without issue.  What version of IOS are you running?

There is an enhancement in to disable certificate verification of the sites that are going through this.

CSCsy05978:  ENH: IOS PKI should have a option to disable certificate validation

Let me see what I can do on this.

0 Helpful

eljakimit
Level 1
Level 1
In response to Steven Smith

‎02-19-2010 12:04 PM

SR520#show version;

Cisco IOS Software, SR520 Software (SR520-ADVIPSERVICESK9-M), Version 12.4(24)T, RELEASE SOFTWARE (fc1)

Do you have any more news?
0 Helpful

Steven Smith
Level 7
Level 7
In response to eljakimit

‎02-19-2010 03:37 PM

Here is what you can try.

Router(config)# crypto ca trustpoint

Router(config-trustpoint)# enrollment terminal


Router(config)# crypto ca authenticate

The router will then prompt you to paste in the CA certificate associated  with the HTTPS site.  This is going to be the CA cert in base64 (ascii)  format.

Let me know if that works for you.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents