07-25-2011 11:41 AM - edited 02-21-2020 05:28 PM
I found a doc on how to setup anyconnect using a certificate for authentication. I got it working but then realize if the portal is active its using that cert for connection and authentication. That's not secure at all. How do i make is use one for portal and another for authentication?
Thanks,
07-27-2011 01:23 PM
Use the SSL trustpoint to assign a web server certificate to your outside interface. If you want to authenticate with a different certificate, simply import that CAcertificate to the ASA, and make the CA issue the client a certificate. This way you are using 2 certificates - one for the SSL portion, and another for the client authentication portion.
HTH
--Jason
07-28-2011 01:23 PM
Can you explain how to do this. I have two different certs and would like one for portal and a seperate one for authentication only. If i go to Remote access vpn --> Anyconnect Connection Profiles --> select the profile then "Edit" i can select AAA,LOCAL OR Certificate but dont have the option to select a specific cert. Can you give me the path to make the change to use a seperate Cert?
07-28-2011 01:40 PM
Hello, could you point me to the document you found for X509 authentcation ?
I am ery interested in it,
thank you
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide