Hi,
I am looking for someone with experience from setting this up. I have Googled tons of doumentation om how to configure this, but have no conclusive answers. Using FAC 4.0 and FOS 5.2.latest.
Basically I have two issues: 1) I'm not 100% sure how SCEP is intended to work. 2) Configuration of the FAC seems non-trivial.
For my first test I just wanted to generate a CA Cert on the FAC import the Cert in the FGT, and *manually* create an IPSec tunnel on the FGT. But the imported Cert is not available in the drop-down box in the P1 configuration. What did I do wrong?
Secondly, attempted to enable SCEP on the tunnel, generate an enrollment form the FGT to the FAC - and see the request as 'Pending' in the FAC. Authorize it in the FAC - and then nothing happens? The Cert is never deployed to the FGT. What have I missed?
Any pointers or tips are greatly appreciated!
~Mike