RE: Register a windows client on IOS CA

No. Below is an option it on the ACS, please re-read. How would a self
signed certificate be authorized by a different CA?

Regards,

Tyson Scott - CCIE #13513 R&S and Security

Technical Instructor - IPexpert, Inc.

Telephone: +1.810.326.1444
Cell: +1.248.504.7309
Fax: +1.810.454.0130
Mailto: tscott_at_ipexpert.com

Join our free online support and peer group communities:
<http://www.IPexpert.com/communities> http://www.IPexpert.com/communities

IPexpert - The Global Leader in Self-Study, Classroom-Based, Video On Demand
and Audio Certification Training Tools for the Cisco CCIE R&S Lab, CCIE
Security Lab, CCIE Service Provider Lab , CCIE Voice Lab and CCIE Storage
Lab Certifications.

From: Sadiq Yakasai [mailto:sadiqtanko_at_gmail.com]
Sent: Tuesday, August 11, 2009 11:41 AM
To: Tyson Scott
Cc: Cisco certification; Cisco certification
Subject: Re: Register a windows client on IOS CA

Thanks for the feedback Tyson. Thats a very good suggestion. But what if we
dont have terminal access to the ACS server in the lab? All options of
copying files on to it are out then. I guess I could generate a self-signed
certificate on the ACS and import that to the IOS CA, can I?

Sadiq

On Tue, Aug 11, 2009 at 3:41 PM, Tyson Scott <tscott_at_ipexpert.com> wrote:

With ACS it is easy as you can create the request from the application and
paste it to the router as a PKS10# certificate request. If you have setup
the IOS CA to do database complete it will save the certificate to the
database destination which you can then TFTP to the ACS server.

For XP the question would be how they are going to allow you to create the
certificate request. If IIS is installed on WinXP then that could be used
to do the request. I am not sure they have that on the test. They may have
the request already created for you and you have to paste it to the router
and then copy the certificate chain to XP.

There is no automatic way to request the certificate as the XP workstation
doesn't support SCEP.

Regards,
 
Tyson Scott - CCIE #13513 R&S and Security
Technical Instructor - IPexpert, Inc.

Telephone: +1.810.326.1444
Cell: +1.248.504.7309
Fax: +1.810.454.0130
Mailto: tscott_at_ipexpert.com
 
Join our free online support and peer group communities:
http://www.IPexpert.com/communities
 
IPexpert - The Global Leader in Self-Study, Classroom-Based, Video On Demand
and Audio Certification Training Tools for the Cisco CCIE R&S Lab, CCIE
Security Lab, CCIE Service Provider Lab , CCIE Voice Lab and CCIE Storage
Lab Certifications.

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
Sadiq Yakasai
Sent: Tuesday, August 11, 2009 8:01 AM
To: Cisco certification; Cisco certification
Subject: Register a windows client on IOS CA

Hi guys,

When working with IOS CA, is it possible to register a windows client with
it? Does Windows XP (for example) support SCEP?? If we were to configure ACS
to register with your CA, would this be possible if our CA is a IOS CA?

Any document or help in regards will be much appreciated.

Thanks,
Sadiq

--
CCIE #19963
Blogs and organic groups at http://www.ccie.net