Irek Romaniuk

Disabling CRL checking for centrally managed VPNs

Discussion created by Irek Romaniuk on Aug 1, 2017
Latest reply on Aug 3, 2017 by Irek Romaniuk

I have many 1100/1400 smart provisioned, centrally managed appliances which do CRL check with management server (fw1_ica_services port)  and if check fails tunnel is dropped with default of 24h. Is there a way to disable this check i.e. sk21156 ? I don't need CRL check because if I don't want appliance to have tunnel up I will terminate the provisioned object on mgmt server. Please advice