Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Site to Site VPN with certificate authentication using ASA as LOCAL CA Server

Hi,

As the title suggests I am planning on rolling out site to site VPN using ASA as a local CA Server.

I have been looking around on the forums and cisco.com but cannot see any form of documentation on using the ASA as the local CA for site to site.

Is this possible?  If so can someone point me in the right direction please.

Many thanks.

Regards

Mo

3 REPLIES
Cisco Employee

Site to Site VPN with certificate authentication using ASA as LO

Hi,

Nope, as far as I know, the CA server capability is only on IOS software, not on the ASA.

Mike.

Mike
New Member

Site to Site VPN with certificate authentication using ASA as LO

No, the ASA does allow creation of CA server, but from what I've read online it only supports client based and web based VPN (IPSEC and SSL).  There is no mention about site to site IPSEC.

FYI, I have created CA locally on the ASA previously and it does support it 100%.

Cisco Employee

Site to Site VPN with certificate authentication using ASA as LO

New stuff

But why it does not work for site to site? I mean if both peers are able to get a certificate from the ASA I dont know what could go wrong creating the tunnel.

Let me know.

Mike

Mike
467
Views
0
Helpful
3
Replies