Solved

ad certificate services and sstp vpn

Posted on 2010-09-02
7
500 Views
Last Modified: 2012-05-10
Hi
I want to use the AD certificate services to create the key for sstp VPN.

the certificate will like sstp.mydomain.com.

can the client to use this anywhere in the world to get VPN in?

read the MS article , it says only can be use internal
0
Comment
Question by:GordonLiq
  • 4
  • 3
7 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33584602
Each computer which will have imported it into Trusted Root Certificates will be able to use your VPN from everywhere
0
 

Author Comment

by:GordonLiq
ID: 33584618
Sound good, I will have a try.

what about exchange web access ? people may access from any computer and any where.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33584659
it also depends on certificate :) If they have proper one, they should be able :)
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 

Author Comment

by:GordonLiq
ID: 33584847
Do you have any sample of which certificate should be create? that is complex
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33584910
You can find whole process in this Microsoft document. It is very helpful.

http://download.microsoft.com/download/b/1/0/b106fc39-936c-4857-a6ea-3fb9d1f37063/deploying%20sstp%20remote%20access%20step%20by%20step%20guide.doc

Read sections:

- Install Active Directory Certificate Services and Web Server
- Create and install the Server Authentication certificate
- Obtain a trusted root CA certificate

in case of any other questions just let me know
0
 

Author Comment

by:GordonLiq
ID: 33602914
I tried this and failed,

get some major problem ,

the SSL issue are all expired in one year , that means I have to reintall the client's computer each year.
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 500 total points
ID: 33606083
You can create your certificate for longer validity period. Just duplicate it to the newer version and the set longer validity time. If certificate will expire you don't have to reinstall each PC, you have to renew the certificate only.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question