Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 1 subscriber
  • Views 3378 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cisco VPN Client with Thawte SSL123

MadMaex
Hello,

we bought a Thawte SSL123 certificate yesterday an installed it in Sophos UTM 9.1.
The certificate is working for WebAdmin/User Portal, for TLS and so on, but if we try to use it for Cisco VPN Client following error occurs:
The certificate of the CA that issued the 'host.domain.com' certificate is needed.

The "Thawte Primary Root CA" and the intermediate CA "Thawte DV SSL CA" are both installed in "Certificate Management / Certificate Authority", as 2 CAs.

Please help!

Bye
Markus


This thread was automatically locked due to age.
Parents
  • 0
    I wonder if that's a limitation imposed by iOS.  If you disable iOS before configuring, does WebAdmin let you enable iOS and then can you connect with your iPhone?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    I wonder if that's a limitation imposed by iOS.  If you disable iOS before configuring, does WebAdmin let you enable iOS and then can you connect with your iPhone?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson
    Hello,

    if I disable the "Cisco™ IPsec configuration status for iOS™ devices" I can enable "Cisco VPN Client" with the server certificate used for the Sophos UTM GUI.

    But if I want to re-enable the "Cisco™ IPsec configuration status for iOS™ devices" I get the same error message again:

    Remote Access → Cisco™ VPN Client → Global:
    The certificate of the CA that issued the 'host.domain.com' certificate is needed. Continuing will disable Cisco VPN client iOS support.

    I imported the correct Root CA and Intermediate CA for my server certificate. The server certificate can be used without problems for the UTM GUI

    BR
    Markus
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML