Yes. Resolution I ended up resorting to was recreating the trust points. Essentially what I figured was that ASA would get to the point where it wld needed to exchange it's identity with the clients; said ID wld be based on the issued cert from the Microsoft CA. This acting as a identity...
I'm attempting to setup an other Cisco ASA5520. Getting the below error. The part that I presume is the problem is when the ASA says "Attempt to get Phase 1 ID data failed while constructing ID"
After that the connection is drop by the ASA and the Client says something on the order of server...
can someone direct me where I can find some sort of how-to or background data for crypto maps?
I'm configuring an ASA 5520 and I just about have the thing working but having an issue with the crypto maps (I think :). I'm setting up the unit using the CLI (not the gui thing) and have...
Does anybody know if you can do something like the Cisco IOS routers do for ip forward-protocol on a Cisco ASA? There is a dhcp helper command but I don't see the generic ip forward protocol.
What I'm trying to do is for a XDMCP broadcast from one interface on an ASA and forward this to a...
Ok tks. But not tracking as the beast says that the cert is valid.
Does that mean s/t else? Anyhow, I dub that the cert map or tunnel group is incorrectly configured as it's not passing the user to the aaa server (ldap) for see that he shld have access.
From the looks of it the cert is check...
Ok, and below is the configure. (kind of heavily modified but hopefully this helps.)
"
show run
: Saved
:dc=domain,dc=com
ASA Version 8.0(4)
!
hostname ra01
domain-name domain.com
enable password xxxxx encrypted
passwd xxxxx encrypted
names
!
interface Vlan1
nameif outside
security-level 0...
Looked at it a little more. This is the entire output of the debug ca when I try and get a client to connect.
"CRYPTO_PKI: Ignoring self signed certificate received from peer
CRYPTO_PKI: Attempting to find tunnel group for cert with serial number: 12139FF2000000000026, subject name...
I'm setting up a remote access VPN with a Microsoft CA. I had the thing working but at the last point I changed out the trustpoint in order to get the CRLs working. While that all works fine now and the router checks if the cert is still valid I managed to break everything.
After the cert is...
Question on failover routing for a none BGP router.
I have a Cisco 3800 which has 3 interfaces. s1/0 is a DS/3 interface. This is the primary upstream and downstream medium. This has a /30 ip address with the upstream provider, which I don't own. g0/1 connects to a secondary ISP. This is a...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.