Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VPN Concentrator CRL

Hi everyone,

I was hoping someone could help me out with this one. My VPN Concentrator has stopped retriving the CRL. I have confirmed that our CA's CRL list can be contacted from a client and i have confirmed that the CRL Distribution Point on the Concentrator is the correct address. Whenever our routers (with certificates) try to connect, the Concentrator tries to confirm the CRL by retriving it but it then says "Transaction Timed Out". Anyone any ideas on this one or any tests i can use to fault find this one ?

Thanks in advance

New Member

Re: VPN Concentrator CRL

Please ignore this, i have identified that our ISA Server is blocking the request to the website. I will investigate why ISA is blocking this.



New Member

Re: VPN Concentrator CRL

I have done further testing and it appears that the issue is with the GET command that the VPN Concentrator is sending through for the CRL. It is missing the FQDN ? GET /blah/blah.crl. It then sends back a (bad hostname).

Anyhow else having this issue ?