Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 385
  • Last Modified:

Ipsec with certificate

Hi all, need help with ipsec problem
right now I have two isolation groups one server one client, I have configured ipsec on the server group to require and used a certificate from our CA to authenticate, I have configured the client group to respond only using this certificate but I cant get it to connect to the server, all works fine with Kerberos but it just doesn't seem to work with the cert any ideas on where to start looking ?
0
Dawilliams
Asked:
Dawilliams
  • 5
  • 2
2 Solutions
 
DawilliamsAuthor Commented:
Also, fyi the cert gets installed on the client machine through the gpo
I'm in a huge hurry to wrap this up bosses above are pressuring for results any help
0
 
bigjimbo813Commented:
are you installing the root ca cert on the client machine or the generated cert on the client machine?
0
 
DawilliamsAuthor Commented:
The exported generated cert
0
Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

 
DawilliamsAuthor Commented:
sorry I generated a cert for the server and installed it then exported the cert without the private key and am aplying that cert to the clients
fyi I can get it to work with icmp but as soon as I add all ip traffic it drops the ping replies and will not let me browse the server any more.
0
 
bigjimbo813Commented:
is the root ca trusted? or the individual cert?
0
 
DawilliamsAuthor Commented:
the root ca is trusted and I'm installing the generated cert for the server on the clients
0
 
jabiiiCommented:
That will only allow the local clients to authenticate the server, the server has no way of authenticating the client. the client too needs a cert.
0
 
DawilliamsAuthor Commented:
how then would i apply the ipsec in the gpo I'm missing somthing basic I just donnt see it.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now