Hi,
I'm not sure about following statement.
Suppose I configure IPSec VPN with certificate authentication for Cisco VPN client (during IKE phase 1).
I think that it is not possible to configure the Cisco VPN client so it would check VPN central device's (ASA, PIX, Concentrator) certificate against a CRL issued by the CA.
In more general terms if I revoke the certificate assigned to ASA / PIX / ... the Cisco VPN client will ignore this.
Is this correct?
Regards
Martin