Ssl-vpn configuration
deacongibson
Can someone help please:
The subject is SSL VPN (using GNS3).
I have set up an SSL VPN and it is working using the AAA authentication method in my GNS3 lab, but I have not been able to get it to work using the certificate authentication method. In fact I am now confused; I need someone who can give me a working ASA configuration, excluding the Microsoft server configuration (that is working very well, as I can issue certificates). See hereunder for my setup:
1. ASA 5520 with IOS 8.4
   - inside interface: 192.168.100.0/24
   - outside interface: 192.168.137.0/24
   - dmz interface: 172.100.100.0/24
2. Microsoft Windows Server 2008 as domain controller and Active Directory
3. Microsoft Windows Server 2003 as member server hosting the certificate services
   - Domain server IP: 172.100.100.2
   - Certificate server IP: 172.100.100.3
4. Windows XP SP3 as client machines
   - IP: 192.168.100.0/24
5. SSL VPN configuration
   a. NAT configuration
   b. Address pool 192.168.100.100 – 192.168.100.150
   c. Split tunnel option: tunnel network list below
   d. Access-list implementation
Note: I would appreciate any already existing, working SSL-VPN configuration.
Deacon Gibson
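What an AnyConnect configuration with certificate authentication looks like on ASA 8.4 for the addressing in the post. This is an added example written for this thread, not configuration from the original poster or from Cisco: the hostname, domain name, trustpoint, object, pool, group-policy and tunnel-group names, the SCEP URL path and the AnyConnect package filename are assumptions and have to be adjusted to the lab. It keeps the requested pool range, which lies inside the inside subnet, as given; a dedicated subnet for the pool is easier to route and to NAT-exempt.

```text
! Added example for ASA 8.4 (not the poster's configuration).
! Names, the domain, the SCEP URL path and the package filename are assumptions.
hostname asa
domain-name lab.local

! Certificate validation is time-based: sync the ASA to the same time source as the CA
! (assumption: the domain controller serves NTP, which Windows DCs do by default)
ntp server 172.100.100.2

! RSA key pair that the identity certificate will be bound to
crypto key generate rsa label SSLVPN-KEY modulus 2048

! Trustpoint for the Windows 2003 CA; enrollment is via SCEP (mscep.dll path is an assumption).
! The CA certificate held by this trustpoint is also what validates the clients' certificates.
crypto ca trustpoint WIN2003-CA
 enrollment url http://172.100.100.3/certsrv/mscep/mscep.dll
 subject-name CN=asa.lab.local,O=LAB
 fqdn asa.lab.local
 keypair SSLVPN-KEY
 revocation-check none

! Exec-mode (not config-mode) steps, run once the trustpoint exists:
! fetch and accept the CA certificate, then request the identity certificate
! (the SCEP challenge password comes from the CA's mscep_admin page).
!   crypto ca authenticate WIN2003-CA
!   crypto ca enroll WIN2003-CA

! Present the identity certificate on the interface AnyConnect connects to
ssl trust-point WIN2003-CA outside

! Address pool exactly as requested in the post
ip local pool ANYCONNECT-POOL 192.168.100.100-192.168.100.150 mask 255.255.255.0

! Split tunnel: only the inside and DMZ networks go through the tunnel (standard ACL in 8.4)
access-list SPLIT-TUNNEL standard permit 192.168.100.0 255.255.255.0
access-list SPLIT-TUNNEL standard permit 172.100.100.0 255.255.255.0

! NAT exemption in 8.4 twice-NAT syntax: traffic between the internal networks
! and the VPN pool must not be translated
object network INSIDE-NET
 subnet 192.168.100.0 255.255.255.0
object network DMZ-NET
 subnet 172.100.100.0 255.255.255.0
object network VPN-POOL
 range 192.168.100.100 192.168.100.150
nat (inside,outside) source static INSIDE-NET INSIDE-NET destination static VPN-POOL VPN-POOL no-proxy-arp
nat (dmz,outside) source static DMZ-NET DMZ-NET destination static VPN-POOL VPN-POOL no-proxy-arp

! Group policy: SSL client only, split tunneling, internal DNS for the client
group-policy ANYCONNECT-GP internal
group-policy ANYCONNECT-GP attributes
 vpn-tunnel-protocol ssl-client
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT-TUNNEL
 dns-server value 172.100.100.2
 default-domain value lab.local

! Enable AnyConnect on the outside interface (package filename is an assumption)
webvpn
 enable outside
 anyconnect image disk0:/anyconnect-win-<version>-k9.pkg 1
 anyconnect enable
 tunnel-group-list enable

! Tunnel group: certificate authentication instead of AAA. With "authentication certificate"
! the ASA never prompts for a username; the client must present a certificate that chains
! to the CA in WIN2003-CA. Use "authentication aaa certificate" to require both.
tunnel-group ANYCONNECT-TG type remote-access
tunnel-group ANYCONNECT-TG general-attributes
 address-pool ANYCONNECT-POOL
 default-group-policy ANYCONNECT-GP
tunnel-group ANYCONNECT-TG webvpn-attributes
 authentication certificate
 group-alias CERT-VPN enable
```

Two things worth knowing about this setup: decrypted VPN traffic bypasses the interface ACLs only while `sysopt connection permit-vpn` (the default) is in effect, so if it has been turned off the outside ACL needs explicit permits; and with certificate authentication the session username is taken from the certificate (by default the CN, controlled by `username-from-certificate` under the tunnel-group general-attributes), so the certificates issued to the XP clients need a meaningful CN.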
Comments
SecurityThroughObscurity
Have you issued an identity certificate for the ASA?
Have you imported the root certificate to the ASA?
deacongibson
See hereunder for my lab scenario:
1. I have set up AnyConnect SSL-VPN on my ASA with IOS 8.4.
2. I have enrolled the ASA with SCEP to get its ROOT and IDENTITY certificates from the Windows Server 2003 certificate server.
3. I have also deployed a ROOT and IDENTITY certificate from the Windows Server 2003 certificate server to my Windows XP SP3 computer.
4. I can establish an SSL-VPN connection from the AnyConnect client software installed on the XP machine to the ASA using the local authentication method.
5. I have not been able to establish a connection using the certificate authentication method. Each time I try I get the message "no valid certificates available for authentication".
SecurityThroughObscurity
Try to gather the DART logs.
deacongibson
I have gathered the DART logs. What should I do next?
Maced129
Is the time synced between all devices in your topology?
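The checks the replies above point at (identity and root certificate present on the ASA, time in sync, and whether the client ever offers a certificate), written out as the commands to run on the ASA. This is an added checklist for this thread, not from any of the posters; the trustpoint name WIN2003-CA and tunnel-group name ANYCONNECT-TG are assumptions.

```text
! Added troubleshooting checklist for the ASA side (trustpoint and tunnel-group names are assumptions).

! 1. Time. Certificate validity is checked against the ASA clock; a clock outside the validity
!    window of either the ASA identity certificate or the client certificate fails the handshake.
show clock
show ntp status
show ntp associations

! 2. Does the trustpoint hold BOTH a CA certificate and an identity certificate?
!    The output must list a "CA Certificate" and a "Certificate" for the trustpoint,
!    each with a "Validity Date" range that includes the current clock.
show crypto ca trustpoints
show crypto ca certificates WIN2003-CA

! 3. Is that identity certificate the one offered on the outside interface?
show running-config ssl

! 4. Does the tunnel group really require certificates ("authentication certificate")?
show running-config tunnel-group ANYCONNECT-TG

! 5. Watch a connection attempt. "debug crypto ca" shows the ASA validating the client
!    certificate (issuer lookup, validity, revocation). If nothing appears here while the
!    client reports "no valid certificates available for authentication", the client never
!    found a certificate to offer and the problem is on the XP side: the user certificate,
!    with its private key, must be in the user's Personal store, it should come from a
!    template that carries the Client Authentication purpose (the Windows "User" template does),
!    and the issuing CA's root must be in Trusted Root Certification Authorities.
debug crypto ca 14
debug webvpn anyconnect 255
! Disable when done:
undebug all

! 6. After a successful connection, confirm the session, the assigned pool address and the group policy
show vpn-sessiondb anyconnect
```

The DART bundle collected earlier is the client-side counterpart of step 5: its AnyConnect log shows which certificate stores the client searched and why each certificate it found was rejected, so it answers the same question from the other end.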