Cisco Support Community

AnyConnect with LDAP-S

Cisco ASA 5515-X 

AnyConnect VPN with LDAP authentication (2 Domain Controllers).

I need to use LDAP-S to get password management.

On the ASA side, it is sufficient to enable LDAP over SSL.

On the Domain Controllers (2 Windows/2008) to enable LDAP-S I must use a certificate.

 

The Question is:

Can I use a self-signed "Identity Certificate", generated on the firewall itself?

For example, the same one, used for AnyConnect clients or a new one? 

And with what parameters must I create it? 

 

Thanks,

Claudio

3 REPLIES

Hi Battanc,

 

Yes, you can use a self-signed certificate from the ASA itself.

Please check the attached doc from Cisco.

 

Thanks

 

 

 

However, this does NOT answer my question, that maybe it was not very clear.

The question is: can I use a "self-signed" certificate for LDAP-S?

 

Claudio

Hi Claudio,

 

Answer is yes.

 

"Step 1. Configure a Self-Issued Certificate"

 

Thanks
