Hi,
I've been trying to set up an L2TP VPN connection using Routing and Remote Access, along with certificate-based IPSec encryption and EAP certificate-based authentication. I'm setting it up with workgroup machines because it must not rely on Active Directory! But for some reason I continue to get the error '786: The L2TP connection attempt failed because there is no valid machine certificate on your computer for security authentication'. But I have set up a CA on the server and installed the IPSec certificates on the server and client. I have also installed the client authentication cert on the client and the server authentication cert on the server, which were all issued from the CA on the server using the web interface! I've even tried issuing the EAP certs using the OIDs provided by Microsoft, which are as follows:
The object identifier for Client Authentication is 1.3.6.1.5.5.7.3.2
The object identifier for Server Authentication is 1.3.6.1.5.5.7.3.1
I also put the certs in both the user and computer cert stores on both server and client to ensure that the computers can pick up the right certs.
Any ideas on what certificate I need to issue or change? Also, when I go to the authentication tab in Routing and Remote Access I can add the Smart card or certificate option to EAP methods in the profile of the remote access policy, but when I try to use the edit button an error says 'A certificate could not be found to use with this Extensible Authentication Protocol'. Any help would be greatly appreciated! Thanks in advance!