[c-nsp] Cisco ASA digital certificate

Ryan West rwest at zyedge.com
Wed Jul 1 15:28:00 EDT 2009


Tom,

Thanks for making me take a look:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/cert_cfg.html#wp1067484

Good info to have handy.  Guide above is for 8.2, but it's supported in all 8.x.

-ryan

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Tom Sutherland
Sent: Wednesday, July 01, 2009 12:20 PM
To: almog ohayon
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Cisco ASA digital certificate

I've not used it myself, but I believe an ASA running 8.x code can
actually act as a certificate authority itself.

On Wed, 2009-06-24 at 03:35 -0400, almog ohayon wrote:
> Hello Everyone,I have the following requirements for small integration
> project and it's not working:
> 1. Remote access VPN for only 1-2 users.
> 2. Remote users can get access to the internal network only with certificate
> - software or hardware.
> 3. the gateway is Cisco ASA 5510.
> 
> *notes:*
> 1. i don't want to use Microsoft CA server or any dedicated CA server for
> certificate enrollment.
> 2. i want to install the ASA as standalone device and the certificates will
> be installed on it.
> 3. i can use both Cisco IPsec client or Cisco anyconnect client.
> 
> 
> if someone has solution for me or recommendation it will be great.
> if anyone think of a better security authetication solution also be great.
> 
> thanks.
> --
> Almog Ohayon.
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list