Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

SR520 VPN Server Vista

Hi there,

we setup a VPN Server from the CCA. We used the default Security -> VPN Server path. We then exported the VPN Profile to a PCF file.

The Cisco VPN client works fine on 32bits operating systems.

How do we set this up on Vista and Windows 7? The Client installer says '64 bits not supported'

The Cisco AnyConnect VPN client has no option to import a PCF file. And the manual says it does not support IPSec/UDP.

What are we to do?

Eljakim

Everyone's tags (6)
6 REPLIES
Community Member

Re: SR520 VPN Server Vista

So went also installed SSL VPN. Which works okay, except for all the certificate warnings, and it doesn't work on mac Safari clients...

Does anyone know where we can install a certificate from the CCA?

If only PPTP were supported from the CCA. Or a SSLVPN client for 64bits were supported...

Community Member

Re: SR520 VPN Server Vista

One more issue:

you can setup websites from the internet that can be used from the outside after logging on from the Cisco web interface, but without actually setting up the VPN.

This is a nice feature. It works fine for non-secure (http) websites. However, we also a https site on the inside with a self-signed certificate (iomega storage device). This device cannot be accessed this way.

So two questions remain (I've given up on the Mac issue):

* how do we install a new certificate for the SR520 from the CCA

* how do we get https websites to work

Community Member

Re: SR520 VPN Server Vista

We still have been unable to figure this out.

Anybody?

Re: SR520 VPN Server Vista

Working on this.  Let me see if this can be done in CCA currently or not.  If not, I will post something on how to add the cert manually.  Once added manually, this should work without issue.  What version of IOS are you running?

There is an enhancement in to disable certificate verification of the sites that are going through this.

CSCsy05978:  ENH: IOS PKI should have a option to disable certificate validation

Let me see what I can do on this.

Community Member

Re: SR520 VPN Server Vista

SR520#show version;

Cisco IOS Software, SR520 Software (SR520-ADVIPSERVICESK9-M), Version 12.4(24)T, RELEASE SOFTWARE (fc1)

Do you have any more news?

Re: SR520 VPN Server Vista

Here is what you can try.

Router(config)# crypto ca trustpoint

Router(config-trustpoint)# enrollment terminal


Router(config)# crypto ca authenticate

The router will then prompt you to paste in the CA certificate associated  with the HTTPS site.  This is going to be the CA cert in base64 (ascii)  format.

Let me know if that works for you.

1558
Views
0
Helpful
6
Replies
CreatePlease to create content