Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
220
Views
0
Helpful
2
Replies

Moved config from ASA 5510 to 5512, VPN connection doesn't work.

dustin.kinn
Level 1
Level 1

‎04-24-2014 08:08 AM

I moved a configuration file from a 5510 to a 5512, and upgraded from 8.4 to 9.0.3 IOS version.

The configs look identical, I put the cert back, but it doesn't want to allow VPN to connect.  There are several new lines of code that arrived with the new version, one in particular I can't find much on at all:

crypto ca trustpool policy

It won't let me remove that line, but as far as I can tell, it is not necessary if there is a cert installed.  Could that be my issue?  Do I need to reissue something with the cert?  The way I replaced it was to type:

crypto ca trustpoint [TrustPoint]

crypto ca certificate chain [TrustPoint]

certificate ca [cert]

[Hex code for Cert]

end

The config appears exactly the same now, do I have to do anything else?  I'm not terribly familiar with using certs.

Labels:
0 Helpful
2 Replies 2

bmurray
Level 1
Level 1

‎04-24-2014 02:52 PM

I would reinstall the cert from the provider. Or better yet get a new cert and install it.

0 Helpful

dustin.kinn
Level 1
Level 1

‎04-24-2014 06:55 PM

If I install a new cert, is it going to do anything to the access?  I'm really a noob when it comes to certs.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents