I am new to Cisco asa vpn and I would like to enquire on certificate authentication for anyconnect vpn. Based on my understanding, the asa can perform a dn check on the following:
Country: the two-letter country abbreviation. These codes conform to ISO 3166 country abbreviations.
Common Name: the name of a person, system, or other entity. Not available a s a secondary attribute.
Domain Name Qualifier.
Locality: the city or town where the organization is located.
Organization: the name of the company, institution, agency, association or other entity.
Organizational Unit: the subgroup within the organization (O).
State/Province: the state or province where the organization is located
User Principal Name
I would like to enquire on how does it check if 'use the entire dn as username" for authentication for anyconnect client; does it make use of all the possible parameter fields in the list for authentication? I would also like to check if it may be possible to make use of certificate thumbprint for authentication? I do understand that certificate thumbprint is the hash result of the public key; however not too sure if that may be used for authentication?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :