Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Configuring CA on a pix 515 E

HI,

I am having problems configuring CA on my pix 515E running 6.3(5) and a restricted licence.

I am using Win 2003 for CA server. I have not had any issues configuring CA on IOS or ASA 7.1. However no success with the 515. I am not sure what the problem is either :

a) issue with win2003 CA. The config guide for 6.3(5) mentions win 2k as the compatible CA server;

b) the restricted licence (i dont think so ???).cant find anything at CCO that suggests this may be the case.

c) my config ( see below)

Appreciate any suggestions

thanks

carlos chorao #11351.r/s

When I auth the CA I get the following

labpix(config)# ca auth ca_1

Certificate has the following attributes:

Fingerprint: a83c33c1 9d17ccdb b71b0c4d 8a35db36

however when i look for the public cer i get zip

labpix(config)# ca auth ca_1

Certificate has the following attributes:

Fingerprint: a83c33c1 9d17ccdb b71b0c4d 8a35db36

labpix(config)# exit

labpix# sh ca cert

labpix#

detailed configs are below-----------------------------------------------

labpix# sh ca mypub rsa

% Key pair was generated at: 13:16:47 nz Jun 3 2006

Key name: labpix.solvertech.co.nz

Usage: General Purpose Key

Key Data:

xxxx

labpix#

labpix# sh run

: Saved

..

...

ca identity ca_1 10.1.1.2:/certsrv/mscep/mscep.dll

ca configure ca_1 ca 1 10

Cisco PIX Firewall Version 6.3(5)

Cisco PIX Device Manager Version 3.0(4)

Compiled on Thu 04-Aug-05 21:40 by morlee

labpix up 2 hours 38 mins

Hardware: PIX-515E, 64 MB RAM, CPU Pentium II 433 MHz

Flash E28F128J3 @ 0x300, 16MB

BIOS Flash AM29F400B @ 0xfffd8000, 32KB

0: ethernet0: address is 0015.6398.8263, irq 10

1: ethernet1: address is 0015.6398.8264, irq 11

2: ethernet2: address is 000e.0c85.34b6, irq 11

Licensed Features:

Failover: Disabled

VPN-DES: Enabled

VPN-3DES-AES: Disabled

Maximum Physical Interfaces: 3

Maximum Interfaces: 5

Cut-through Proxy: Enabled

Guards: Enabled

URL-filtering: Enabled

Inside Hosts: Unlimited

Throughput: Unlimited

IKE peers: Unlimited

This PIX has a Restricted (R) license.

1 REPLY
Bronze

Re: Configuring CA on a pix 515 E

124
Views
0
Helpful
1
Replies