Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Setting up Remote Access VPN using third party certificate.

We currently have a couple of remote access VPN's using pre-shared keys but need to transition those to using certificates in the near future.  User authentication is provided by RSA tokens.  We have 5510 ASA at another location that I am using as a test bed to configure a remote access VPN using a third party certificate.  We purchased an identity certificate for the ASA from GoDaddy and have installed both the identity certificate and the root CA cert on the ASA.  The question now is how to setup the Cisco VPN Client.  Do we need to purchase seperate certificates for each of the remote clients?  Will it work using the same certificate on several different clients?  Is there a way to do this without having to purchase third party certificates?

Everyone's tags (3)
1 REPLY
Cisco Employee

Setting up Remote Access VPN using third party certificate.

For SSLVPN and HTTPS in general it's best to have a certificates with from one of the big PKI providers.

For IPsec however it is not required. You can have both ASA and user certificates provided by an internal CA (windows CA, openCA, ejbca, etc...)

There is a basic configuration example:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080930f21.shtml

It might not be EXACTLY what you're looking for but should get you started.

584
Views
0
Helpful
1
Replies
CreatePlease login to create content