New Member

IPSEC & LDAP Servers

My topology is:

Cisco routers must open two IPSEC tunnels after the enrollment with a CA, and must be able to query CRLs on two LDAP servers on separate LANs.

I tried to configure two CRL query URLs, but after I inserted the first, the second overwrote the first.

How can I configure more than one LDAP server on a Cisco router?

I know that in the certificate there is a field referred to as DP (Distribution Point) in which I can set multiple LDAP servers' addresses.

Is a Cisco router able to recognize the DP field in a certificate? And can I follow this way as a workaround?

The release used in the lab is 12.2(13)T1

Accepted Solutions
New Member

Re: IPSEC & LDAP Servers

Yes, Cisco routers do understand the Distribution Point field; the problem is that the multiple entries are used only as a redundancy.

If, according to the distribution point, the first CA is 10.0.0.1 and this server is down for some reason, it will check the backup entry, if any.
