
Client to Site VPN with Certificates CRL and User question?

dumlutimuralp
Level 1

Hi all,

I've got a customer who has a VPN3005 setup for remote access VPN based on user certificates. I've got two major questions.

1. The customer says they revoke a user certificate, but that specific user still connects to the VPN box. They showed me the log file and it says the client certificate is successfully confirmed. They set up the CRL parameters on the box. Do you have any tips on this?

2. I think the user certificate confirmation and username/password confirmation are wholly different processes, but they require that a user with certificate A should not be able to connect with user B's username and password. How can this be made possible? Any comments?

1 Reply

smahbub
Level 6

If your users belong to the same group from a cert standpoint, you cannot prevent them from using the other ones.

If you want to prevent this from happening you have no choice but to put every user in a different group and use group locking.