Secure Mobile Access 12.4 Administration Guide

Device VPN endpoint enrollment

The device VPN feature depends on the client certificate to authenticate endpoint or a device for device-level VPN access.

Unless the customer has an existing Certificate Enrollment Web Service (CES) or Certificate Enrollment Policy (CEP) web service setup, deployment of device certificates is complex and becomes a hurdle for using Device VPN.

From 12.4.2. onwards, you can:

  • Deploy client certificates on end devices for Device Tunnel authentication.

  • Get details of the list of enrolled device certificates such as device certificate subject DN, Device ID, expiration date, and so on.

  • Revoke or delete enrolled device certificates.

  • An enrolled device certificate expires in 90 days and is auto-renewed 15 days prior to the expiry.

Topics

Refer to Establishing a Device VPN connection section Connect Tunnel guide to deploy client certificates on end devices for Device Tunnel authentication.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

  • Hidden
  • Hidden

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.
  • Hidden
  • Hidden