Howto: Issue certificate for a Cisco VPN client

Discussion in 'Server Security' started by Jim Kelly, Jun 16, 2009.

  1. Jim Kelly

    Jim Kelly Guest

    I have looked around and did not find anything to help me on this so maybe
    someone here can help. I have a Cisco ASA as a VPN endpoint for a Remote
    Access VPN. I want to use certificates to connect to the VPN. I have this
    set up to work, but issuing the certs is a bit of a pain for end users,
    currently they have to fill out a cert enrolment request from the VPN client,
    including the VPN tunnel name, which I have obfuscated, so it is not that
    easy to remember.

    What I would like to do is have them go to the cert server (web page) and
    request a corp-vpn certificate. They can do this currently with EFS and User
    certificates. However, the VPN certificate needs to have the VPN tunnel name
    in the OU field. How do I create a certificate template so that they just
    have to login to certsvr and select corp-vpn, and be issued a certificate
    with a pre-specified OU (which I will put in), then just import it into the
    VPN client?

    Thanks in advance.
    Jim Kelly, Jun 16, 2009
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.