Cisco Support Community

ASA SSL VPN Client Certificate Help

I'm currently trying to get my ASA 5540 (7.22) to support client certificate authentication (in addition to AAA) for the SSL VPN client. I have no existing PKI infrastructure, so I'm trying to figure out if the ASA can do standalone client certificate authentication.

I know enabling certificate authentication is as easy as enabling it on the interface, but is there any way to tell the ASA to authorize all certs with CN of @mydomain.com?

So, I'm basically looking for a way to install certificates on client machines and then have the ASA authenticate those users without having any sort of independent revocation list.

I've been reading the following articles:

http://www.cisco.com/en/US/docs/security/asa/asa70/configuration/guide/certs.html

http://www.cisco.com/en/US/docs/security/asa/asa71/configuration/guide/webvpn.html

http://www.cisco.com/en/US/products/ps6498/products_user_guide_chapter09186a00807e87e1.html

Also, I haven't checked to see if this is possible with 8.0, so I'm off to read those docs.

Any help would be greatly appreciated.
