Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Remote Access VPN without a certificate

Hi all,

I'd like to deploy Remote access VPN for ASA 5512 using Cisco anyconnect secure mobility client version 3.1.05152. However it requires a valid certificate from a trusted CA such as verisign, entrust...

Is there anyway I can use the self-sign certificate? Thank you for helping me!

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Remote Access VPN without a certificate

Hi Harry,

i think it would be still possible to configure VPN just with simple AAA authentication.

From my opinion you have just configured your client to check trustworthy of certificate installed on your ASA.

Please uncheck option like on sccreenshot:

untrusted_cert.png

Thanks,

Jan

6 REPLIES
Bronze

Remote Access VPN without a certificate

Hi Harry,

i think it would be still possible to configure VPN just with simple AAA authentication.

From my opinion you have just configured your client to check trustworthy of certificate installed on your ASA.

Please uncheck option like on sccreenshot:

untrusted_cert.png

Thanks,

Jan

New Member

Remote Access VPN without a certificate

Hi Jan,

I've tried but unsuccessfully

Screen Shot 2014-02-17 at 11.39.42 pm.png

Could you please advise which AnyConnect version you're using?

Thank you!

Bronze

Remote Access VPN without a certificate

Hi Harry,

my version is 3.1.04059 but i don't think it version problem now.

What do you see in log on ASA? Also what logs are telling you in Anyconnect client.

Do you have certificate installed/generated on ASA?

Best regards,

Jan

New Member

Remote Access VPN without a certificate

Hi Jan,

I use self-signed certificate. Can you please advise, thank you

Bronze

Re: Remote Access VPN without a certificate

My last suggestion is to check Anyconnect local policy file AnyConnectLocalPolicy.xml.

Please check this in xml:  false

Also please read this document:

http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect25/administration/guide/anyconnectadmin25/ac04localpolicy.html#wp1055371

Best regards,

Jan

New Member

Remote Access VPN without a certificate

Hi Jan,

Problem soved, it's certificate issue. Re-create and all good. Thank you so much for your help!

306
Views
10
Helpful
6
Replies
CreatePlease login to create content