I have installed a router running 12.2(8)T IOS to end IPSec tunnels from Cisco VPN clients.
I've configured the router to authenticate the tunnel using MS CA certificates, but I cannot check the Certificate Revocation List (CRL) in order to know if the certificate is still valid.
I configured the appropriate LDAP query to the CA itself first, and then to one of the servers running Active Directory, but in both cases the router seems to do a broadcast (255.255.255.255) to resolve the LDAP query.
Has somebody configured a scenario like this one? Can anybody help me?