cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
176
Views
0
Helpful
2
Replies

question related to site-2-site VPN with cert authentication

huanincanada
Level 1
Level 1

Currently we are build up site-2-site VPN tunnel with our customer. Usually we use pre-shared key as authentication with other customers without any issue, but we have to use cert authentication with it this time. But the question is that our CA is different from theirs. I tried it a few times, but it failed. Does anybody please let me know that we have to own the certificate issued by the same CA to create VPN tunnel?

Thanks a lot!

1 Accepted Solution

Accepted Solutions

Hi,

 

You may want to review this document for an easy example of setting up a S2S VPN using certificates on an ASA:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080aa5be1.shtml

 

Basically both sides will need to have the same CA certificate and if there is a intermediate certificate that should be installed also. The 2 ASAs will generate a CSR(Certificate Signon Request), Now then the PKI will create a certificate for both sides usually known as "Identity certificate".

 

Please Proceed to rate and mark as correct he helpful Post!

 

David Castro,

 

Regards,

View solution in original post

2 Replies 2

Hi,

 

You may want to review this document for an easy example of setting up a S2S VPN using certificates on an ASA:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080aa5be1.shtml

 

Basically both sides will need to have the same CA certificate and if there is a intermediate certificate that should be installed also. The 2 ASAs will generate a CSR(Certificate Signon Request), Now then the PKI will create a certificate for both sides usually known as "Identity certificate".

 

Please Proceed to rate and mark as correct he helpful Post!

 

David Castro,

 

Regards,

Thanks David for your assistance....

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: