VPN ASA Authentication to MS CA


Just a quick question related to the configuration of a ASA 5500.

I'm deploying a PKI and I would like to be able for my clients to connect from the internet through a ASA5500 to get authentified straight to an internal MS CA without using the Cisco Local CA Server. Is it possible?

Is it possible to create a local server on the ASA and put it in RA Mode so the requests from the VPN Client go straight to the internal MS CA?

Or else, could I use a cerficate chain using two certificates .. one for the Cisco ASA Authentication to the ASA Local CA Server followed by one for the authentication to the internal MS CA?

Thank you,


Reply to
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.