Case Studies

This section contains some troubleshooting issues that are slightly more uncommon than those contained in the main section on troubleshooting IPSec VPNs.

Topics covered in this section include CA server authentication and enrollment issues, together with VPN client IKE negotiation issues.

CA Authentication or Enrollment Fails

If you are using a certificate server for certificate distribution, you will need to authenticate the CA server and then enroll your router with the CA to obtain a certificate. A number of issues can, however, cause authentication or enrollment to fail.

In this case study, the network administrator at the Tokyo site is attempting to obtain a certificate for the local router.

In Example 8-98, the administrator ...

Get Troubleshooting Virtual Private Networks now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.