Home > Technical > Cisco > Cisco – Configuring EZVPN with PKI along with DMVPN tidbits

Cisco – Configuring EZVPN with PKI along with DMVPN tidbits

These are not documented by Cisco:

On CA router:

  • Create a pki server
  • Create a trustpoint to the CA; make sure you give it a different name than the pki server
  • Authenticate to the CA
  • Enroll to the CA

On Client router:

  • Create a trustpoint to the CA
  • Authenticate to the CA
  • Enroll to the CA

Other general tidbits:

Now if you’re doing EZVPN with PKI, remember to create a username and password on the Hub router and use that user in your ezvpn client configuration on the remote router.

If you configure your EZVPN client in “network-extension” mode as opposed to client mode, you do not need to create an ip pool on the Hub router.

Copyright © 2012-2017 Yared Consulting Inc. All Rights Reserved. | Privacy Policy | Terms & Conditions