enabled Cisco AnyConnect VPN on an ASA series firewall and when I select local AAA authentication I can connect my AnyConnect client.
But when I select certificate-based authentication, I'm not able to connect the AnyConnect VPN client to the firewall and an error message "certificate validation failure" is displayed. I think I may not have configured the ASA or my browser correctly. Can anybody help me and tell me the correct procedure for certificate-based authentication without having to give a username and password?
I guess you would have implemented this feature already by now, but here are the details:
1. As a first thing, we need to install a certificate on the ASA (self-signed or third party). Here is the link providing all the details for this:
2. Next we need to configure AnyConnect to use these certificates; here is the config for this via ASDM:
3. Then we need to apply a certificate on the client machines: one identity certificate and then the certificate chain (root and intermediate certificates). We need to make sure the ASA certificate and the identity certificate are signed by a CA in the certificate chain installed on both the ASA and the client.
If you are facing issues even after this, let me know.
Hope this helps,
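
One way to check the chain condition from step 3 offline, as an added example that is not part of the original answer: it builds two throwaway test CAs with OpenSSL and shows that a client identity certificate validates only against the CA that issued it. The function names `make_pki`, `chain_ok` and `demo`, the file names and the CNs are assumptions made for this sketch.

```shell
#!/usr/bin/env bash
# Added example: throwaway test PKI built with OpenSSL. All names are constructed.

# make_pki DIR NAME: create a CA in DIR and a client identity certificate signed by it.
make_pki() {
  local d=$1 name=$2
  mkdir -p "$d" || return 1
  cat > "$d/pki.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = constructed
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[client]
basicConstraints = CA:FALSE
extendedKeyUsage = clientAuth
EOF
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$d/pki.cnf" \
    -extensions v3_ca -subj "/CN=$name Test CA" \
    -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null || return 1
  openssl req -new -newkey rsa:2048 -nodes -config "$d/pki.cnf" \
    -subj "/CN=$name vpn-user" \
    -keyout "$d/client.key" -out "$d/client.csr" 2>/dev/null || return 1
  openssl x509 -req -in "$d/client.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" \
    -CAcreateserial -days 1 -extfile "$d/pki.cnf" -extensions client \
    -out "$d/client.pem" 2>/dev/null
}

# chain_ok CA_BUNDLE CERT: succeed only if CERT chains to a CA in CA_BUNDLE
# and is usable for TLS client authentication.
chain_ok() {
  openssl verify -purpose sslclient -CAfile "$1" "$2" >/dev/null 2>&1
}

demo() {
  local tmp; tmp=$(mktemp -d) || return 1
  make_pki "$tmp/corp" "Corp" && make_pki "$tmp/other" "Other" || return 1
  chain_ok "$tmp/corp/ca.pem"  "$tmp/corp/client.pem" && echo "same CA: OK"
  chain_ok "$tmp/other/ca.pem" "$tmp/corp/client.pem" || echo "different CA: validation failure"
  rm -rf "$tmp"
}

demo
```

For real files, pass the PEM CA chain installed on the ASA and the client's identity certificate to `chain_ok`.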