Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Using Cisco IOS PKI for Authenticating Remote-Access VPNs.

Hi all,

Can someone please direct me to documentation on how can I use the internal CA of my Cisco router to produce "end-user certificates" which can be used (later on) as credentials for a VPN connection to this router?

Explanation:

1. I need some strong authentication method for my remote-access VPN users. Naturally, certificates will do the trick.

2. Because I don't have (at this point) a dedicated PKI server, I decided to use the IOS capabilities of being a PKI server (CA).

3. Is it possible to generate a certificate by the means of Cisco IOS software, copy the results (hopefully, a PKCS#12 file for each user) to a TFTP and eventually authenticate to the box with it?

Thanks in advance,

Alex.

1 REPLY
Bronze

Re: Using Cisco IOS PKI for Authenticating Remote-Access VPNs.

check the section "ASA Configuration" present in the following url for more information on authenticating remote-access vpn using certificates:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_implementation_design_guide0900aecd805fc1d0.html

162
Views
0
Helpful
1
Replies
CreatePlease to create content