I have set up Windows Server 2003 RRAS for L2TP IPSec VPN and it works when I use a pre-shared key; however, I want to make it work with certificates and have been having some trouble.
I have an Enterprise Root CA installed on our domain controller, and I have had it issue a Computer Certificate for Server Authentication to the RRAS server, which is also running ISA 2004.
The problem is that I don't seem to be able to get an appropriate certificate to a VPN client (not a member of the domain). I receive error 786: "The L2TP Connection attempt failed because there is no valid machine certificate on your computer for security authentication".
I can access the certificate server from the client I am trying to set up by connecting the VPN via PPTP or using a pre-shared key and going to http://servername/certsrv, but I need some guidance on what to do from here, please.
Really, a step-by-step, do-this-do-that guide for the certificate part of this setup (RRAS server and clients) would be useful.