Cisco Support Community
Community Member

Moved config from ASA 5510 to 5512, VPN connection doesn't work.

I moved a configuration file from a 5510 to a 5512, and upgraded from 8.4 to 9.0.3 IOS version.

The configs look identical, I put the cert back, but it doesn't want to allow VPN to connect.  There are several new lines of code that arrived with the new version, one in particular I can't find much on at all:

crypto ca trustpool policy

It won't let me remove that line, but as far as I can tell, it is not necessary if there is a cert installed.  Could that be my issue?  Do I need to reissue something with the cert?  The way I replaced it was to type:

crypto ca trustpoint [TrustPoint]

crypto ca certificate chain [TrustPoint]

certificate ca [cert]

[Hex code for Cert]


The config appears exactly the same now, do I have to do anything else?  I'm not terribly familiar with using certs.

Everyone's tags (1)
Community Member

I would reinstall the cert

I would reinstall the cert from the provider. Or better yet get a new cert and install it.

Community Member

If I install a new cert, is

If I install a new cert, is it going to do anything to the access?  I'm really a noob when it comes to certs.

CreatePlease to create content