Cisco Support Community
Community Member

Client VPN & certificate revocation.

Hi all,

I'd like to talk about our issue. We have created a client VPN to our network (using a PIX with PIXOS 8.0). Authentication is through certificates. The problem is that when we revoke a user's certificate in the CA, he/she can still connect to the network. We use Microsoft CA. The users' certificates are in the revocation list (no problem), but the PIX has no idea whether a certificate is OK or revoked.

Any idea?

BR

jl

1 REPLY
Silver

Re: Client VPN & certificate revocation.

The CA requires that both IPSec peers transact with a Registration Authority (RA), which then forwards the requests through to the CA. Both the remote IPSec peer and the local IPSec peer must be configured with both the CA and RA public keys. The CA and RA public keys are signature and encryption key pairs, which must be generated and enrolled for authentication to occur.
