Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Authenticating to Pix with Certificate

Hi,

Is it possible to authenticate to the Pix using a cert?

My customer want additional protection above the configured source IPs (which can be spoofed) for its FW admins

Thanks

Stu

5 REPLIES
Cisco Employee

Re: Authenticating to Pix with Certificate

I assume you mean for ASDM access (if not, please clarify the question).

This can be done as of version 8.0(3) with the following command:

ssl certificate-authentication interface

Note that if you have webvpn enabled on this interface, and if both ASDM and Webvpn are running on port 443 (the default) then this will also enable certificate authentication for Webvpn users connecting to this interface.

In the most common scenario, ASDM is accessed on the inside and webvpn on the outside so this is not a problem, but if it is then you can run ASDM on a different port, e.g.:

http server enable 4433

ssl certificate-authentication interface port 4433

Cisco Employee

Re: Authenticating to Pix with Certificate

And actually in 7.x you can do the same with:

http authentication-certificate

New Member

Re: Authenticating to Pix with Certificate

Hi,

Sorry should of given a bit more info.

I was referring to PDM access on a Pix most of which are running ver 6x

Thanks

Cisco Employee

Re: Authenticating to Pix with Certificate

As far as I know it is not possible on Pix 6.x, sorry.

New Member

Re: Authenticating to Pix with Certificate

Ah OK, thanks for the response, much appreciated.

Kind Regards

148
Views
0
Helpful
5
Replies
CreatePlease login to create content