Two factor remote access VPN

cisco_troopercisco_trooper Member Posts: 1,441 ■■■■□□□□□□
I'm working on trying to utilize user certificates as a means to make our remote access VPNs more secure. The trouble I am having is in finding a way to tell the ASA to use the user certificates as part of then authentication process. Currently I have remote access VPN tunnels set up with pre-shared keys. Each user authenticates via a domain account through RADIUS. Rather than using just Group Authentication, I want to use Mutual Authentication so the user has to have a valid certificate issued through my Microsoft CA. My ASA has been authenticated with the Microsoft CA.

I guess the question is, how do I configured the remote access tunnel to use the user certificate as well?

I'm not find any good examples OR documentation on this. I'm to the point now that I have spent so much time looking at it that I just keep looking at the same things over and over again. I think I have tunnel vision.

Can someone PLEASE point me in the right direction...?? icon_confused.gif

Comments

Sign In or Register to comment.