IPSEC & LDAP Servers

dbassani
Level 1

My topology is:

Cisco routers must open two IPsec tunnels after enrollment with a CA, and must be able to query CRLs on two LDAP servers on separate LANs.

I tried to configure two CRL query URLs, but after I inserted the first, the second overwrote the first.

How can I configure more than one LDAP server on a Cisco router?

I know that in the certificate there is a field referred to as DP (Distribution Point) in which I can set multiple LDAP servers' addresses.

Is a Cisco router able to recognize the DP field in a certificate? And can I follow this way as a workaround?

The release used in the lab is 12.2(13)T1

1 Accepted Solution


bwalchez
Level 4

Yes, Cisco routers do understand the Distribution Point field; the problem is that the multiple entries are used only as redundancy.

If, according to the distribution point, the first CA is 10.0.0.1 and this server is down for some reason, it will check the backup entry, if any.

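To make the redundancy point concrete, the following added example (not code from this thread or from Cisco IOS) decodes a CRLDistributionPoints extension value as laid out in RFC 5280 and picks a CRL source in listed order, which is the failover behaviour the answer describes. The backup address, the LDAP DNs, the helper names and the `reachable` callback are assumptions made for illustration; only 10.0.0.1 comes from the thread.

```python
# Added example; all sample values below are constructed.
def tlv(tag, body):
    """Encode one DER TLV (short- or long-form length)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + body

def read_tlvs(data):
    """Yield (tag, value) for each DER TLV laid end to end in data."""
    i = 0
    while i < len(data):
        if i + 2 > len(data):
            raise ValueError("truncated DER header")
        tag, length = data[i], data[i + 1]
        i += 2
        if length & 0x80:                      # long form: next k bytes hold the length
            k = length & 0x7F
            length = int.from_bytes(data[i:i + k], "big")
            i += k
        if i + length > len(data):
            raise ValueError("truncated DER value")
        yield tag, data[i:i + length]
        i += length

def cdp_uris(ext_value):
    """URIs of a CRLDistributionPoints value (RFC 5280), in certificate order."""
    (outer, points), = read_tlvs(ext_value)    # SEQUENCE OF DistributionPoint
    if outer != 0x30:
        raise ValueError("not a SEQUENCE")
    uris = []
    for _, point in read_tlvs(points):
        for t1, dp_name in read_tlvs(point):
            if t1 != 0xA0:                     # skip reasons [1] / cRLIssuer [2]
                continue
            for t2, names in read_tlvs(dp_name):
                if t2 == 0xA0:                 # fullName [0]: GeneralNames
                    uris += [v.decode("ascii") for t, v in read_tlvs(names) if t == 0x86]
    return uris

def pick_crl_source(uris, reachable):
    """First listed URI whose server answers; later entries are only backups."""
    return next((u for u in uris if reachable(u)), None)

# Constructed sample: one distribution point naming two LDAP servers.
PRIMARY = "ldap://10.0.0.1/cn=CA1,o=example?certificateRevocationList"
BACKUP = "ldap://10.0.1.1/cn=CA1,o=example?certificateRevocationList"
SAMPLE_CDP = tlv(0x30, tlv(0x30, tlv(0xA0, tlv(0xA0,
    tlv(0x86, PRIMARY.encode()) + tlv(0x86, BACKUP.encode())))))
```

While the first server answers, the second entry is never consulted, so listing two servers in the DP field gives failover for one CRL rather than a way to query two different CRL stores.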