Once the root certificate has been exported, go to ASDM. Save the root certificate on arbitrary location and click Next. Select DER encoded binary x.509 (.CER) and click Next. Select No, do not export the private key and click Next. Right click the root certificate > Export. On the CA server, open Certificate mmc snap-in > Certificate (Computer) > Personal > Certificates. Install Root CA certificate on ASAįirst off, I am going to download Root CA certificate from my CA server. Let’s look at how to configure ASA for Certificate-based authentication. By doing this, you can restrict An圜onnect access to your corporate devices only.īefore dive into the configuration, if you have not set up automatic certificate enrollment for end users, check out t h i s p o s t first and come back here 🙂 You can configure ASA to allow An圜onnect access only from the devices which have a certificate signed by your CA server installed on it. Normally you do not want your employees to use their personal devices to access company resources. This is where Certificate-based Authentication comes in. with LDAP authentication, you can control who can do remote access with An圜onnect however with LDAP configuration anyone who knows LDAP username and password can do remote access from any personal devices as long as An圜onnect client is installed on it. In the previous few posts, I have set up An圜onnect VPN and LDAP authentication for An圜onnect.
0 kommentar(er)
