I have a Microsoft CA with the SCEP plugin. It works fine for signing IKE/VPN certs for routers when I'm only deploying one or two routers at a time.
But now I have a rollout coming up where I'll have to deploy 50 routers initially, then most likely, a few hundred shortly thereafter. It is highly likely that we will have the new routers shipped directly to a 3rd party who will then load pre-generated config files and deploy them at their respective remote locations. The 3rd party would not have access to my SCEP enabled CA.
Is there any way that I can pre-generate key pairs and certs right on the CA (or some other workstation or router), and import them into the routers later? I know that I can import the CA root cert offline. It's the public/private keypair and identity cert that I'm concerned with.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...