Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Starting a tunnel before logging on W2K using SmartCard Certificates

Hi all,

I am trying to start a tunnel using a certificate stored on a GEMSAFE SmartCard before logging in, in oprder to propperly log onto the network using my certificate, but The Cisco VPN Client v3.6 says:

"The currently selected profile uses the Microsoft CryptoApi certificate store. This profile can not be used until you have logged in to your workstation".

But how can I stablish the tunnel with the certificate if I cannot read it?

Any ideas?

Thanks in advance.

1 REPLY
New Member

Re: Starting a tunnel before logging on W2K using SmartCard Cert

Listed below are two documents that might help you:

1) Configuring IPSec Between PIX and Cisco VPN Client Using Smartcard Certificates

http://www.cisco.com/warp/customer/471/configipsecsmart.html

2) Configuring the VPN Client 3.0.x to Get a Digital Certificate

http://www.cisco.com/warp/public/471/installmscert.html

I'm no MS expert but it is possible to log onto your workstation even if you are not logged on to the network. I pulled out my ethernet cabel and tried logging in and guess what... I got in. Perhaps you could try doing the same. I think that the problem might simply be that you are not allowed access to the certificate since you are not logged in.

98
Views
0
Helpful
1
Replies