09-10-2013 12:14 PM - edited 02-21-2020 07:08 PM
Hi all,
I have various models of ASAs running 8.4 supporting IPsec VPN using the Apple Native VPN Client configured with shared secret passwords and LDAP authentication. All is great, but I want to replace the shared secret passwords with certificates and continue with LDAP authentication (2FA).
I added a public cert onto the ASA and created local certs distributed to clients, and all is OK, but I cannot get past phase 1 with group2/5 mismatches.
Does anyone have working examples of IPsec, LDAP, certs and the native Apple client?
Thanks!
09-10-2013 01:59 PM
Hi Dwayne,
In the case of IPsec VPN clients, we can do group authentication using certificates and user authentication using LDAP.
Below is the link to configure certificate authentication on the ASA:
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080930f21.shtml
For LDAP authentication, you can follow the link below:
https://supportforums.cisco.com/docs/DOC-3843
Let me know if it helps.
09-11-2013 12:30 PM
Thanks so much, Naresh. I had found these links, reviewed them in detail and attempted to implement them, but with no success.
I will update once I find a solution.