Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA - WebVPN - Authentication with client certificate

Has anyone managed to authenticate with certificates to ASA for WebVPN ?

I configured

tunnel-group DefaultWEBVPNGroup webvpn-attributes

authentication certificate

but still getting the error message

Group <DefaultWEBVPNgroup> User <...> IP <...> Authentication:rejected, Session Type: WebVPN

2 REPLIES
New Member
New Member

Re: ASA - WebVPN - Authentication with client certificate

I was able to use digital certificates with WebVPN using the folowing configuration:

tunnel-group DefaultWEBVPNGroup general-attributes

authorization-server-group LOCAL

authorization-required

authorization-dn-attributes CN

tunnel-group DefaultWEBVPNGroup webvpn-attributes

authentication certificate

In addition to this configuration I had to add alle CN values of certificates which are allowed to establish a WebVPN session to the local database.

1598
Views
6
Helpful
2
Replies