Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco VPN & Gemplus Smartcard

I have an PIX 501 configured as vpn gateway, i use VPN client 3.51 and i want to make the connection using gemplus smartcard with microsoft CA certificates. When I put an smartcard user/logon certificate on the smartcard and try to make a connection the vpn client prompts for the smartcard, this is normal. Then the vpn client prompts fot the username and password (witch is used for authentication on the Cisco ACS 3.0) after this the client says negotiating security policies and that's it. No connection is made.

Does anyone knows how to solve this problem?

2 REPLIES
Cisco Employee

Re: Cisco VPN & Gemplus Smartcard

Does this work if you are not using Smartcard, ie

just enroll the client PC to the MS CA server and then connect? Try adding isakmp identity hostname to the PIX, to see if it makes a difference. Also what is the PIX code you are using? Does it work with Xauth to the ACS? If it does, and only fails

with Xauth, you might be hitting bug: CSCdw16074.

You need to contact the TAC to get an interim build fix for this.

Cisco Employee

Re: Cisco VPN & Gemplus Smartcard

Does this work if you are not using Smartcard, ie

just enroll the client PC to the MS CA server and then connect? Try adding isakmp identity hostname to the PIX, to see if it makes a difference. Also what is the PIX code you are using? Does it work with Xauth to the ACS? If it does, and only fails

with Xauth, you might be hitting bug: CSCdw16074.

You need to contact the TAC to get an interim build fix for this.

232
Views
0
Helpful
2
Replies