Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Concentrator Lan-to-Lan VPN Using Certificates

Hi,

I need to set-up a lan-to-lan VPN with a Concentrator, with a 5520 ASA at the remote end. Instead of using a pre-shared key like we normally would, we have been asked by the remote end to get a certificate from Verisign.

I have researched the process for this but am still not entirely clear. As I understand, we will need to install a (free) root certificate on the concentrator, then;

1. Generate an identity certificate enroll request (PKCS10?)

2. Make a copy of the request text then send this to Verisign to complete the identity certifcate enrollment process (PKCS #7?)

Could anyone confirm - is this the correct procedure?

Also, Verisign themselves say that we need an SSL certificate for this which I believe is wrong? I thought it was just a digital identity certificate.

Thanks in advance.

2 REPLIES
Community Member

Re: Concentrator Lan-to-Lan VPN Using Certificates

Further to this, I have a list of root certs I downloaded from Verisign. Can I install all these (as I dont know which one is needed) - will it cause any problems on the concentrator?

Thanks

Community Member

Re: Concentrator Lan-to-Lan VPN Using Certificates

Hi,

Still unsure on this - would be very grateful if anyone could be of help?

Thanks

113
Views
0
Helpful
2
Replies
CreatePlease to create content