CA server - VPN authentication

[silks101]

I started with this comapny about 6 weeks ago so was still getting used to the setup. Unfortunately the the cerificate used for vpn authentication expired.

I am totally new to CA servers and VPNs and IPSEC tunnels so
I thought I could just renew the certificate and everthing would be fine - but this is not the case.

I have now created a new Certificate - and rolled it out to the headend routers - it looks as though the certificates have been implemented correctly although I can see no confirmation on the CA server.

I have also (I think) managed to get the new certificate to branch routers but when the VPN tunnels are supposed to come up they don't

I am using cisco 3725 as the head end and cisco 837 for the branches.

everything worked fine before the certificate expired so I have not ammended any configs - does someone know of a correct procedure for renewing the certificate and re-establishing the IP sec tunnels for the branches.

Or a link to a guide that explains how it is done?

Without these tunnels a lot of the routes have been lost so branches currently have limited connectivity.

Many thanks in advance

Steve Lindley
CCNA