Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
313
Views
0
Helpful
4
Replies

VPN Concentrator 3000 series with SSL problem

Go to solution
ccsam
Level 1
Level 1

‎02-10-2003 05:42 AM - edited ‎02-21-2020 12:20 PM

I use http access to the vpn concentrator and install SSL on the logging page using IE 6. I did open up the file and installed sucessfully with the certificate into IE which I can view the content of the certificate through IE.

I did allow cookies and java scripting from the security tab for IE. Why I still can access using https? Any ohter configuration that I left out? I'm using https to access the private interface which have private ip address.

regards,

Sam

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
cairnsm
Level 1
Level 1

‎02-10-2003 11:04 AM

If you were setting the certificate up in a test environment, it may have the wrong IP address. Verify under Administration|Certificate Management that the IP address for your SSL certificate has the IP address of your inside interface. If you changed the IP since generating the certificate, it will no longer work. I am assuming that you have set everything up properly under Configuration|System|Management Protocols|SSL.

Hope it helps,

Mark

View solution in original post

0 Helpful

Go to solution
mklaphek
Level 1
Level 1

‎02-10-2003 11:19 AM

If you're on the inside, then the only other thing to check is the certificate (assmunig that you left the defaults alone). Look under Administration --> Certificate Management --> SSL Certificate. Try to delete the one that's there (if there is one) and generate a new one. This should do it.

If you're outside and trying to access the outside interface via https, you need to make sure that you modify the filter to allow https in (the rules are incoming https in and incoming https out).

Importing the certificate doesn't help with access. It's an attempt to keep the certificate warning pop-up form occuring everytime you get to the concentrator. I must be doing something wrong, because I could never get it to work.

Hope this helps.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
cairnsm
Level 1
Level 1

‎02-10-2003 11:04 AM

If you were setting the certificate up in a test environment, it may have the wrong IP address. Verify under Administration|Certificate Management that the IP address for your SSL certificate has the IP address of your inside interface. If you changed the IP since generating the certificate, it will no longer work. I am assuming that you have set everything up properly under Configuration|System|Management Protocols|SSL.

Hope it helps,

Mark

0 Helpful

Go to solution
ccsam
Level 1
Level 1
In response to cairnsm

‎02-13-2003 05:21 PM

I had resolved my problems by regenerate the certificate under administration>Certificate management. The default ip address 10.1.x.x will change to address which I assigned to private interface.

regards,

Sam

0 Helpful

Go to solution
mklaphek
Level 1
Level 1

‎02-10-2003 11:19 AM

If you're on the inside, then the only other thing to check is the certificate (assmunig that you left the defaults alone). Look under Administration --> Certificate Management --> SSL Certificate. Try to delete the one that's there (if there is one) and generate a new one. This should do it.

If you're outside and trying to access the outside interface via https, you need to make sure that you modify the filter to allow https in (the rules are incoming https in and incoming https out).

Importing the certificate doesn't help with access. It's an attempt to keep the certificate warning pop-up form occuring everytime you get to the concentrator. I must be doing something wrong, because I could never get it to work.

Hope this helps.

0 Helpful

Go to solution
ccsam
Level 1
Level 1
In response to mklaphek

‎02-13-2003 05:27 PM

Thanks in giving ideas on how to resolve SSL issue. I can use SSL to access VPN Concentrator now.

regards,

Sam

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents