I've completed the configuration of an ASA5500 to support certificate authentication of DoD CACs and have everything working properly though I have an annoyance that I would like to fix:
When a client attempts to establish an SSL VPN Session using their CAC (smartcard) they are prompt twice to select a certificate if they have the SSL client installed, if they don't they get prompted THREE times to select a certificate.
All this seems rather inane and from a user perspective annoying. So my questions are:
1. Can the ASA be configured to use their first selected certificate from there on?
2. Can the SSL VPN Client be configured to select the appropriate certificate automatically?
3. If 1 and 2 are no, then how can I eliminate the excessive certificate prompts?
I would very much like to move away from bandwidth heavy IPSEC connections and be able to utilize the SSL VPN solution, though this simply isn't simple enough for my clients.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...