Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2479
Views
6
Helpful
2
Replies

ASA - WebVPN - Authentication with client certificate

cscherb
Level 1
Level 1

‎06-11-2007 04:46 AM - edited ‎02-21-2020 10:18 AM

Has anyone managed to authenticate with certificates to ASA for WebVPN ?

I configured

tunnel-group DefaultWEBVPNGroup webvpn-attributes

authentication certificate

but still getting the error message

Group <DefaultWEBVPNgroup> User <...> IP <...> Authentication:rejected, Session Type: WebVPN

Labels:
0 Helpful
2 Replies 2

cscherb
Level 1
Level 1
In response to j-block

‎06-15-2007 11:17 AM

I was able to use digital certificates with WebVPN using the folowing configuration:

tunnel-group DefaultWEBVPNGroup general-attributes

authorization-server-group LOCAL

authorization-required

authorization-dn-attributes CN

tunnel-group DefaultWEBVPNGroup webvpn-attributes

authentication certificate

In addition to this configuration I had to add alle CN values of certificates which are allowed to establish a WebVPN session to the local database.

Customers Also Viewed These Support Documents