I can tell you that I have used Dogtag 1.3 with Cisco-based IPSec VPNs between routers (not using ASAs) with no problem – other than – I had to change the RSA hashing algorithm at setup to utilize SHA-1 instead of the default of SHA-256 – which the Cisco routers I was testing with did not support.

Charles Jennings

From: pki-users-bounces@redhat.com [mailto:pki-users-bounces@redhat.com] On Behalf Of Ritter, Nicholas
Sent: Thursday, October 11, 2012 9:20 AM
To: pki-users@redhat.com
Subject: [Pki-users] Dogtag and certificate VPN

Is anyone using, or has anyone tested, Dogtag with certificate-based VPN? And more specifically with Cisco ASA AnyConnect and IPSEC VPN?

I searched through the Dogtag mailing list archive and the Cisco forums and found someone tried to do this in 2010 and had problems that I can only assume there was no resolution to. The last posting I saw was someone giving the blanket vendor reason of “Cisco does not support that CA”. Given that there has not been a posting since, and that was two years ago, I was curious if anyone had tested/implemented it?

Nick