Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA5510 & SCEP enrollement with Name, Serial and IP

hi,

I have a problem when I try to enroll my new ASA 5510 (no problem with all my PIX in 6.3)

I configured ASA like this :

crypto ca trustpoint Test

revocation-check crl

enrollment retry count 5

enrollment url http://aaa.bbb.ccc.ddd:80/xxxxxxxxx

serial-number

ip-address eee.fff.ggg.hhh

password *

so all is ok except enrollement... it seems to me that ASA doesn't add IP address in demand to CA... I tested different thing... still same problem

On CA side, I have that in log :

UNSTRUCTUREDNAME = name.domain.fr,

UNSTRUCTUREDADDRESS = ,

SERIALNUMBER = zzzzzzzzz

-> UNAUTHORIZED SCEP Request

there is no IP address...

if one of you has an idea... or if this problem is known...

Thanks

Nicolas

2 REPLIES
Bronze

Re: ASA5510 & SCEP enrollement with Name, Serial and IP

You might want to take a look at the following configuration guide

http://www.cisco.com/en/US/docs/security/asa/asa72/asdm52/selected_procedures/asdmcer.html

New Member

Re: ASA5510 & SCEP enrollement with Name, Serial and IP

yep... already read...

and no more...

problem is IOS I think... because problem is there on ASA and PIX

without IP authentication... all is ok... but in my case... I need IP+ all the rest

Nico

276
Views
0
Helpful
2
Replies