×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

problem with certificates on ASA

Answered Question
Oct 27th, 2005
User Badges:

Hi,


I am trying to set up\a remote access tunnell with an ASA that is natted behind a Checkpoint firewall. Shared key works perfectly but when I try it with certificates the client drops the connection because;


482 16:30:34.581 10/27/05 Sev=Warning/3 IKE/0xE3000080

Invalid remote certificate id: ID_IPV4_ADDR: ID = 0x02001EAC, Certificate = 0x00000000


It is seeing the private address 172.30.0.2 instead of the external address. I have tried to add the ip address in the enrollment process but it will not do it. Th CA is an enterprise MS CA. the template is an ipsec offline cert. i have tried to add the IP address to the fqdn, changing the cn to the ip address but to no avail. I suspect I need to add the ability of adding the ip address to the microsoft template but not sure how to do this......any ideas appreciated


Thanks,


Vincent

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
v-naughton Thu, 10/27/2005 - 12:58
User Badges:

Thanks Wyatt that worked.....


I should have remembered that I had set isakmp identity address for shared key access.




Actions

This Discussion