Cisco Cisco AnyConnect Secure Mobility Client v2.x Manuel Technique
Cisco IOS Router Certificate Maps Use to
Distinguish User Connection Between Multiple
WebVPN Contexts Configuration Example
Distinguish User Connection Between Multiple
WebVPN Contexts Configuration Example
Document ID: 116125
Contributed by Nehal Naik and Atri Basu, Cisco TAC Engineers.
Sep 04, 2014
Contents
Introduction
Prerequisites
Requirements
Components Used
Configure
Network Diagram
Step 1. Generate Router Identity Certificate
Step 2. Configure the Certificate Maps
Step 3. Configure WebVPN Gateway
Step 4. Configure WebVPN Context
Step 5. Configure Local User
Final Router Configuration
Verify
Certificate Verification
End User VPN Connection Verification
Troubleshoot
Related Information
Prerequisites
Requirements
Components Used
Configure
Network Diagram
Step 1. Generate Router Identity Certificate
Step 2. Configure the Certificate Maps
Step 3. Configure WebVPN Gateway
Step 4. Configure WebVPN Context
Step 5. Configure Local User
Final Router Configuration
Verify
Certificate Verification
End User VPN Connection Verification
Troubleshoot
Related Information
Introduction
This document provides a sample configuration for a Cisco IOS
®
router for a Secure Sockets Layer (SSL)
VPN configuration where certificate maps are used to authorize a user connection to a sepecific WebVPN
context on the router. It makes use of Dual Authentication: Certificate and User ID and Password.
context on the router. It makes use of Dual Authentication: Certificate and User ID and Password.
Prerequisites
Requirements
Cisco recommends that you have knowledge of SSL VPN configuration on Cisco IOS routers.
Components Used
The information in this document was created from the devices in a specific lab environment. All of the
devices used in this document started with a cleared (default) configuration. If your network is live, make sure
that you understand the potential impact of any command.
devices used in this document started with a cleared (default) configuration. If your network is live, make sure
that you understand the potential impact of any command.