Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Server 2003 L2TP VPN using EAP Certs

Status
Not open for further replies.

mountnco

IS-IT--Management
Jan 31, 2006
10
AU
Hi,
I've been trying to setup an L2TP VPN connection using routing and Remote access. Along with a certificate based IPSec encryption and EAP certificate based authentication. I'm setting it up with workgroup machines because it must not rely on Acitve Directory! But for some Reason i continue to get the error '786: The L2TP connection attempt failed because there is no valid machine certificate on your computer for security authentication'. But I have setup a CA on the Server and installed the IPSec certificates on the server and client. I have also installed the client authentication cert on the client and the server authentication cert on the server, which were all issued from the CA on the server using the web interface! I've even tried issuing the EAP certs using the OID provided by microsoft, which are as follows:
The object identifier for Client Authentication is 1.3.6.1.5.5.7.3.2
The object identifier for server Authentication is 1.3.6.1.5.5.7.3.1

I also put the certs in both the user and computer certs store on both server and client to ensure that the computers can pickk up the right certs
Any ideas on what certificate i need to issue or change? Also when i goto the authentication tab in Routing and Remote Access I can add the Smart card or certificate option to EAP metods in the profile of the remote access policy, but when i try to use the edit buttom an error says 'A certificate could not be found to use with this Extensible Authentication Protocol'. Any help would be greatly appreciated! Thanks in advanced!
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top