[strongSwan] Cisco ASA as a client

abi abi at abinet.ru
Tue May 26 20:40:22 CEST 2015


I have a small issue with Cisco ASA as the client with ikev1 key 
exchange. Certificates can be validates only with ignore-ipsec-keyusage 
usage, so looks like it lacks necessary ExtendedKeyUsage bits, but I 
can't find which one.

The following PKI flags  was used for client cert --flag clientAuth 
--flag ikeIntermediate

What else can be added to please ASA ?

More information about the Users mailing list