Cannot get Certificates working for VPN L2TP IPSec Server and Client
Posted on 2004-11-19
I have a remote Windows 2003 Server configured as a VPN server, through RRAS. It is also a Standalone Root CA and has IIS installed. It is not in a domain so AD is not installed.
I have VPN working through PPTP but needed to connect multiple clients from behind a NAT firewall, so I am migrating to L2TP and IPSec. I have tested the system OK using pre-shared keys, but cannot get the certificate part to work.
On the client XP computer, using web enrollment, I have installed a client authorisation cert and an IPSec cert to the local machine store. Are these the right certs to install, and what certs (if any) do I need to install on the VPN server?
On the client VPN connection properties, security tab, I have selected Advanced and configured the settings to use EAP "Smart Card or other Certificate", with properties set to use a certificate on this computer, simple certificate selection, and de-selected validate server certificate (because I didn't understand the options...).
Hope this is enough info for someone to help?