From: pankaj ahuja (networksecurityconsultant@gmail.com)
Date: Wed Sep 19 2007 - 14:04:47 ART
Hello All,
When the users access the webvpn login page via the URL https://A.B.C.D ,
they see an Certificate error page that says
"The security certificate presented by this website was not issued by a
trusted certificate authority.
The security certificate presented by this website was issued for a
different website's address"
and then it presents the option to "close the website" or "continue to this
page". After choosing continue to this page Users finally reach the page
where they are to login using their Webvpn credentials.
I'm trying to remove the Certificate error page and know that it has got
something to do with the Certificate on the VPN Concentrator. what I'm not
sure about is the procedure, i.e.
Do I need an Identity Certificate from a CA first and then I should generate
a Certifcate on the Concentrator?
Should I not be able to skip the CA part and just have a Certificate
generated on the VPN Concentrator. I know the users wouldn't be able to
verify the Certificate but all we're aiming for is to not reach that page
wherein it says Certificate Error.
To describe the Topology we have :
We have WebVPN on a VPN concentrator 3020 which is configured for Load
Balancing with a 3015. Also these concentrators are behind 2 different
Firewalls, the private and public interfaces of these Concentrators have a
private IP. The public interfaces are Natted on the Firewalls to a public
IP.
Any suggestion on how to make this possible are welcome.
Thanks
Regards
Pankaj
This archive was generated by hypermail 2.1.4 : Sat Oct 06 2007 - 12:01:13 ART