Anyconnect with Certificate only?

Unanswered Question
Jul 25th, 2011

I found a doc on how to setup anyconnect using a certificate for authentication. I got it working but then realize if the portal is active its using that cert for connection and authentication. That's not secure at all. How do i make is use one for portal and another for authentication?

Thanks,

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
Jason Gervia Wed, 07/27/2011 - 13:23

Use the SSL trustpoint to assign a web server certificate to your outside interface.  If you want to authenticate with a different certificate, simply import that CAcertificate to the ASA, and make the CA issue the client a certificate.  This way you are using 2 certificates - one for the SSL portion, and another for the client authentication portion.

HTH

--Jason

patrick.beaven_2 Thu, 07/28/2011 - 13:23

Can you explain how to do this. I have two different certs and would like one for portal and a seperate one for authentication only. If i go to Remote access vpn --> Anyconnect Connection Profiles --> select the profile then "Edit" i can select  AAA,LOCAL OR Certificate but dont have the option to select a specific cert. Can you give me the path to make the change to use a seperate Cert?

cnaf-intn-it Thu, 07/28/2011 - 13:40

Hello, could you point me to the document you found for X509 authentcation ?

I am ery interested in it,

thank you

Actions

Login or Register to take actions

This Discussion

Posted July 25, 2011 at 11:41 AM
Stats:
Replies:3 Avg. Rating:
Views:656 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard