12-13-2011 08:11 AM - edited 03-11-2019 03:01 PM
Hi,
As the title suggests I am planning on rolling out site to site VPN using ASA as a local CA Server.
I have been looking around on the forums and cisco.com but cannot see any form of documentation on using the ASA as the local CA for site to site.
Is this possible? If so can someone point me in the right direction please.
Many thanks.
Regards
Mo
12-13-2011 08:03 PM
Hi,
Nope, as far as I know, the CA server capability is only on IOS software, not on the ASA.
Mike.
12-14-2011 01:29 AM
No, the ASA does allow creation of CA server, but from what I've read online it only supports client based and web based VPN (IPSEC and SSL). There is no mention about site to site IPSEC.
FYI, I have created CA locally on the ASA previously and it does support it 100%.
12-14-2011 08:44 AM
New stuff
But why it does not work for site to site? I mean if both peers are able to get a certificate from the ASA I dont know what could go wrong creating the tunnel.
Let me know.
Mike
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide