VPN with SSL Certification SBS2003

[1DMF]

Can someone tell me if our VPN has been set up correctly as this doesn't seem right to me.

Scenario....

We have our VPN set up to use SSL Certification, after configuring the VPN client to use the certificate, when you click connect it doesn't ask for a username or passsword, it just connects.

So if someone leaves the company, I would either have to remove the certificate from their machine or re-issue everyone else a new certificate and reconfigure remote access.

Surely you don't sacrifice security just to enable SSL encryption over the VPN connection with RA in SBS2003.

Can it not be set up to use SSL to encrypt the data between server & client but also require a valid username and password to connect?

All help is appreciated.
1DMF

 

[cheito23]

If I recall correctly, all you have to do is modify the CRL (certificate revocation list) and it will deny them further access based on that certificates revocation. You may have to push that CRL out to the clients because (I think) it only sends out its update(s) on predefined schedules...

Hopefully this helps (someone correct me if I'm wrong).

 

[1DMF]

Sorry but i'm not sure you understood what I was asking.

When people connect using VPN with our SSL certificate it doesn't ask for a username or password, I want to use SSL and Windows Authentication is this not possible ?

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you.