I found a doc on how to set up AnyConnect using a certificate for authentication. I got it working but then realized that if the portal is active it's using that cert for connection and authentication. That's not secure at all. How do I make it use one for portal and another for authentication?
Use the SSL trustpoint to assign a web server certificate to your outside interface. If you want to authenticate with a different certificate, simply import that CA certificate to the ASA, and make the CA issue the client a certificate. This way you are using 2 certificates - one for the SSL portion, and another for the client authentication portion.
Can you explain how to do this? I have two different certs and would like one for portal and a separate one for authentication only. If I go to Remote access vpn --> Anyconnect Connection Profiles --> select the profile then "Edit" I can select AAA, LOCAL or Certificate but don't have the option to select a specific cert. Can you give me the path to make the change to use a separate cert?
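The two-trustpoint setup described in the reply above, sketched as ASA CLI. This is an added example, not part of the original thread: the trustpoint names `TP-PORTAL` and `TP-CLIENT-CA` and the connection profile name `ANYCONNECT-PROFILE` are hypothetical, and the interface is assumed to be named `outside`.

```cisco
! --- Trustpoint 1: the ASA's own identity (web server) certificate ---
! Hypothetical name TP-PORTAL. The identity certificate and its private
! key are installed into this trustpoint first, for example with
!   crypto ca import TP-PORTAL pkcs12 <passphrase>
! (the passphrase is a placeholder).
crypto ca trustpoint TP-PORTAL
 enrollment terminal

! Present that certificate for SSL/TLS on the outside interface
! (portal and AnyConnect session).
ssl trust-point TP-PORTAL outside

! --- Trustpoint 2: CA certificate only, no identity certificate ---
! Hypothetical name TP-CLIENT-CA. This is the CA that issues the
! client certificates; the ASA uses it only to validate them.
crypto ca trustpoint TP-CLIENT-CA
 enrollment terminal
 validation-usage ssl-client

! Install the CA certificate into the trustpoint; the ASA prompts
! for the base64 (PEM) certificate to be pasted.
crypto ca authenticate TP-CLIENT-CA

! --- Connection profile: require a client certificate ---
! ANYCONNECT-PROFILE is a placeholder for the existing profile name.
tunnel-group ANYCONNECT-PROFILE webvpn-attributes
 authentication certificate
```

The connection profile only selects the authentication method; which client certificates are accepted is decided by the CA trustpoints installed on the ASA, so the profile has no field for picking a specific certificate.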