Solved

ad certificate services and sstp vpn

Posted on 2010-09-02
7
518 Views
Last Modified: 2012-05-10
Hi
I want to use the AD certificate services to create the key for sstp VPN.

the certificate will like sstp.mydomain.com.

can the client to use this anywhere in the world to get VPN in?

read the MS article , it says only can be use internal
0
Comment
Question by:GordonLiq
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33584602
Each computer which will have imported it into Trusted Root Certificates will be able to use your VPN from everywhere
0
 

Author Comment

by:GordonLiq
ID: 33584618
Sound good, I will have a try.

what about exchange web access ? people may access from any computer and any where.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33584659
it also depends on certificate :) If they have proper one, they should be able :)
0
Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

 

Author Comment

by:GordonLiq
ID: 33584847
Do you have any sample of which certificate should be create? that is complex
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33584910
You can find whole process in this Microsoft document. It is very helpful.

http://download.microsoft.com/download/b/1/0/b106fc39-936c-4857-a6ea-3fb9d1f37063/deploying%20sstp%20remote%20access%20step%20by%20step%20guide.doc

Read sections:

- Install Active Directory Certificate Services and Web Server
- Create and install the Server Authentication certificate
- Obtain a trusted root CA certificate

in case of any other questions just let me know
0
 

Author Comment

by:GordonLiq
ID: 33602914
I tried this and failed,

get some major problem ,

the SSL issue are all expired in one year , that means I have to reintall the client's computer each year.
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 500 total points
ID: 33606083
You can create your certificate for longer validity period. Just duplicate it to the newer version and the set longer validity time. If certificate will expire you don't have to reinstall each PC, you have to renew the certificate only.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question