Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Remote Access VPN using Mutual Group Authentication ( CA certificate)

Dear Experts,

In   my organization , we have Cisco ASA 5540 that is configured with the   remote access VPN profile. The Remote VPN is configured in such a way   that the user authentication will be through Microsoft LDAP ( AD   server).

Currently   the VPN client is using the Group Authentication method and we would   like to go for certificate based authentication (

Mutual Group Authentication) using CA server. Below are my queries regarding to the these migration.

1.Have anyone did Remote Access VPN with CA Server ?

2.Can i use the same AD server as CA server ?

3. What are configuration changes that required in ASA for the Remote VPN users to enroll the certificate with CA server ?

Kindly advice.

Regards

Shiji

2 REPLIES
VIP Purple

Remote Access VPN using Mutual Group Authentication ( CA certifi

>1.Have anyone did Remote Access VPN with CA Server ?

I used it quite often before migrating to AnyConnect.

>2.Can i use the same AD server as CA server ?

Yes, you can. But you shouldn't. For security-reasons it's better to make it a separate VM.

>3. What are configuration changes that required in ASA for the Remote VPN users to enroll the certificate with CA server?

The ASA-part is described here:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080930f21.shtml#asa1


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
New Member

Remote Access VPN using Mutual Group Authentication ( CA certifi

Thank you karsten for your help.

I will review and apply the configuration and update you.

Thanks

1336
Views
0
Helpful
2
Replies