Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

IPSec RA VPN with Microsoft Certificate authenticate

Hi All,

I'm trying to configure RA VPN authentication using digital certificate instead of pre-shared key. I followed the below Cisco document (url), but at last I;m not clear how the vpn client get its identity certificate when vpn client application re-lauched (re-open) after installing same certificate in the CA server itself.

(step 3, part f.”Exit the VPN client and re-launch it in order to make the installed identity certificate start to appear in the certificate tab of the VPN client, as shown)

I'm not convience how the locally installed client certificate on CA server comes to VPN client software and show its Certification Authentication drop down box. CA server is not part of the domain, but there's no pre-requesties that CA serve must be in the domain..?

Since that is not possible, I mannually installed both CA certificate and client certificate on the VPN clients but it does not appearing in the Certification Authentication drop down box. (step 4. In the Connection entries tab....)

Can some one please guide me or point me to a correct document...?


New Member

IPSec RA VPN with Microsoft Certificate authenticate


On the VPN client the certificates will appear in the drop down tab once you manually import the Identity certificate.

Click the "Certificates-->Import" option in the tool bar of VPN client.



New Member

IPSec RA VPN with Microsoft Certificate authenticate

Hi Rohan,

Thanks for your response..

It is appearing in the under the certificates tab, however when I tried to create a new VPN connection, we have two option 1. Group Authentication where you type pre-shared key, and other option 2. Certificate Authentication there I don't see the imported certificate in the drop down box.



CreatePlease to create content