Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX PDM/VPN CA Problem

Hi,

I have configured a PIX506E to use certificates from a Microsoft CA for a site-to-site VPN. Gernerating RSA keys, either General or Usage, work. Authenticating the CA and enrolling the PIX with the CA have no problems. I save the certificates and write the configuration to memory. VPN works without any problems. However after enrolling with the CA, connectivity to the PIX Device Manager (PDM) is lost. If I zeroize the RSA keys, I regain connectivity to the PDM, but loose the VPN!

Both the PIX and PDM are the latest software releases the PIX 506E support.

Any suggestions?

2 REPLIES
Anonymous
N/A

Re: PIX PDM/VPN CA Problem

Do you have MS SCEP addon installed? It is required for enrollment.SCEP can be configured to use Challenge passwords during enrollment (as security feature).If so, then you should get a challenge string (using web link to SCEP page on CA server)

New Member

Re: PIX PDM/VPN CA Problem

CA support was working fine. The problem was that I was using an Enterprise CA not a stand alone CA. The new certificates were causing the SSL to fail when loading the certificates.

108
Views
0
Helpful
2
Replies
CreatePlease to create content