Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
286
Views
0
Helpful
1
Replies

pix certificate and mscep

mrmozaffari
Level 1
Level 1

‎09-29-2006 01:47 PM

Hi

We have a cisco pix firewall ,i ve done every step to configure pix certification for l2tp connection also i've set my clock and timezone to gmt and set the time to ca server time:

hostname mypixfirewall

domain-name saderat.com

ca generate rsa key 512

ca identity myca.saderat.com 10.1.1.5:/certsrv/mscep/mscep.dll

ca configure myca.saderat.com ca 1 20 crloptional

ca authenticate myca.saderat.com

ca enroll myca.saderat.com

% No CA root cert exists. Use "ca authenticate"

I turn on debuging with debug crypto ca and see crypto_fail status 266 when i entered ca authentication .... command.

Do i need any addtional configuration on Ca server i've only installed it and didnt change any configuration i also want to know when i install msecp what kind of encryption and authentication i must use ?

Thanks.

Best Regards bahman mozaffari.

Labels:
0 Helpful
1 Reply 1

andhoang
Level 1
Level 1

‎10-02-2006 09:07 AM

Your enrollment URL maybe wrong. Thus you can not download the root CA cert.

try this: http://10.1.1.5/certsrv/mscep/mscep.dll

and reauthenticate and re-enroll with the CA.

0 Helpful
Customers Also Viewed These Support Documents