From: Farrukh Haroon (farrukhharoon@gmail.com)
Date: Wed Sep 19 2007 - 16:16:58 ART
Hello Pankaj,
As Andy suggested, the best option would be to buy a secure SSL cert from
Verisign, etc.
I would highly recommend Verisign because they have excellent support, at
least that has been my personal experience.
Another (temporary) option would be to add the web-vpn page as a 'trusted
site' in IE, that might do the trick.
Regards
Farrukh
On 9/19/07, pankaj ahuja <networksecurityconsultant@gmail.com> wrote:
>
> Hello All,
>
> When the users access the webvpn login page via the URL https://A.B.C.D ,
> they see a Certificate error page that says
>
> "The security certificate presented by this website was not issued by a
> trusted certificate authority.
> The security certificate presented by this website was issued for a
> different website's address"
>
>
> and then it presents the option to "close the website" or "continue to
> this page". After choosing continue to this page Users finally reach the
> page where they are to login using their Webvpn credentials.
>
> I'm trying to remove the Certificate error page and know that it has got
> something to do with the Certificate on the VPN Concentrator. What I'm not
> sure about is the procedure, i.e.
>
> Do I need an Identity Certificate from a CA first and then I should
> generate a Certificate on the Concentrator?
>
> Should I not be able to skip the CA part and just have a Certificate
> generated on the VPN Concentrator? I know the users wouldn't be able to
> verify the Certificate but all we're aiming for is to not reach that page
> wherein it says Certificate Error.
>
> To describe the Topology we have :
>
> We have WebVPN on a VPN concentrator 3020 which is configured for Load
> Balancing with a 3015. Also these concentrators are behind 2 different
> Firewalls, the private and public interfaces of these Concentrators have a
> private IP. The public interfaces are Natted on the Firewalls to a public
> IP.
>
> Any suggestions on how to make this possible are welcome.
>
> Thanks
>
> Regards
> Pankaj
>
This archive was generated by hypermail 2.1.4 : Sat Oct 06 2007 - 12:01:13 ART
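
An added example, not part of the original thread: a small Python check that reports which of the two browser warnings quoted above a certificate would trigger for the address users type. The certificate dicts follow the layout returned by `ssl.SSLSocket.getpeercert()`; the sample certificates, the host name `vpn.example.com`, the address `192.0.2.10` and the issuer name "Example Public CA" are constructed, and trust is approximated by an issuer-name allow-list rather than real chain validation.

```python
import ipaddress

def _attrs(name):
    """Flatten getpeercert()'s nested RDN tuples into a plain dict."""
    return {k: v for rdn in name for (k, v) in rdn}

def _dns_match(pattern, host):
    """Exact match, or a single left-most '*' label wildcard."""
    p, h = pattern.lower().split("."), host.lower().split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*" and len(p) > 2:
        return p[1:] == h[1:]
    return p == h

def name_matches(cert, host):
    """True if the address typed into the browser is one the cert was issued for."""
    san = cert.get("subjectAltName", ())
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None
    if ip is not None:
        # An IP in the URL only matches an "IP Address" SAN entry, never a DNS name.
        return any(t == "IP Address" and ipaddress.ip_address(v) == ip for t, v in san)
    dns = [v for t, v in san if t == "DNS"]
    if not dns:  # legacy fallback to commonName when no DNS SAN is present
        cn = _attrs(cert.get("subject", ())).get("commonName")
        dns = [cn] if cn else []
    return any(_dns_match(d, host) for d in dns)

def diagnose(cert, host, trusted_issuers):
    """Return the warnings from the quoted error page that this cert would raise."""
    problems = []
    issuer_cn = _attrs(cert.get("issuer", ())).get("commonName")
    # Assumption: an issuer-name allow-list stands in for the browser's trust store.
    if cert.get("issuer") == cert.get("subject") or issuer_cn not in trusted_issuers:
        problems.append("untrusted-issuer")
    if not name_matches(cert, host):
        problems.append("name-mismatch")
    return problems

# Constructed sample data (not taken from the thread).
TRUSTED = {"Example Public CA"}
_SELF = ((("commonName", "concentrator.local"),),)
SELF_SIGNED = {"subject": _SELF, "issuer": _SELF}
CA_ISSUED = {"subject": ((("commonName", "vpn.example.com"),),),
             "issuer": ((("commonName", "Example Public CA"),),),
             "subjectAltName": (("DNS", "vpn.example.com"),)}
```

With these samples, a CA-issued certificate still produces the name warning when the page is opened by IP address, so users also need to browse to the host name the certificate was issued for.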