vpn using digital certificates from microsoft CA ... any ideas
I have been trying to set up a vpn using digital certificates to authenticate the devices (PIX). I am using microsoft certificate services with the mscep.dll add on. When I try to enroll a certificate I get this :
pix1(config)# ca generate rsa key 512
Keypair generation process begin.
pix1(config)# ca identity CA 10.0.0.20:/certsrv/mscep/mscep.dll
pix1(config)# ca configure CA ra 1 20 crloptional
pix1(config)# ca authenticate CA
Certificate has the following attributes:
Fingerprint: 1c93454b 263051d8 b4fd283f 6e3044ac
pix1(config)# ca enroll CA cisco
% Start certificate enrollment ..
% The subject name in the certificate will be: pix1.companyname.com
% Certificate request sent to Certificate Authority
% The certificate request fingerprint will be displayed.
Re: vpn using digital certificates from microsoft CA ... any ide
no replies ...... oh well !
I have solved the problem myself. If anybody has the same problem I got round it be unchecking the automatic enrollment option during cepsetup. I can now enroll certificates, but I have to issue them manually from certserv's pending folder.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...