Re: Capsule VPN (ios) auth with 3rd-party certific...

dede79 · ‎2023-09-16

Hello,

we try to setup auth for the capsule vpn clients with the certificates rolled out by the MDM.

I added the MDM CA as trusted opsec pki, the certs and capsule configs are pushed to all devices but trying to connect I just get "malformed reply from site".

Is it necessary that the gateway (R81) also has installed a certificate from thet mdm-ca to authenticate the devices?

Do I have to create users for that devices or map them better to an ldap group?

Case is open since many weeks but no progress...maybe someone here got it work.

the_rock · ‎2023-09-16

Is this for harmony mobile? If so, we have a customer where this works, so I can check it Monday.

Andy

dede79 · ‎2023-09-17

no - just capsule vpn.

the_rock · ‎2023-09-17

K, got it. Maybe confirm with TAC, see what they say.

dede79 · ‎2023-09-26

Any news? Tac says we need an https cert of the 3rd party CA on mob blade - this would lead to a cert replacement since only one cert is possible per gateway (...usercheck......remotew access client trust) - so no option.

Are you a member of CheckMates?

Capsule VPN (ios) auth with 3rd-party certificates