Berkson Wein
asked on
Win7, VPN using client certificate. Won't save setting, insists on using Smart Card
I am working with a Microsoft VPN server setup that uses client certificates. It works fine on all machines XP and Win 7, except for one new Win 7 machine.
This is a Windows 7 Pro laptop, an HP EliteBook 8460w. It has a smart card slot which isn't being used.
The problem is that we're getting an error message:
Network Connections (window title)
Cannot load dialog.
Error 764: No smart card reader is installed.
It shouldn't be looking for a smart card reader. In the VPN setup on the Security tab, Use Extensible Authentication Protocol (EAP) is selected and Microsoft: Smart Card or other certificate (encryption enabled). Then under properties I select "Use a certificate on this computer" and complete the server names and root authorities.
Now here's the oddity: if I click ok and ok again to close the vpn properties, when I go back to properties "Use my smart card" is selected not the radio button that tells it to use a certificate!
I can't imagine that this is a group policy issue, as other Win 7 pro machines are fine. Unfortunately, there's not another HP 8460w laptop to test with.
Symantec Endpoint Protection 12.1 was originally installed on the machine. Disabling it didn't make a difference. Now I've uninstalled it completely, still with no change. Everything else is a basic install, no different from the other machines in the network.
There's nothing that I see in the event log that relates.
I have uninstalled the Smart Card driver software package, stopped the smart card service, and disabled the smart card in the bios (and combinations). Doesn't seem to make a difference.
Crazy right?
Any suggestions? Thanks.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I had already used the cleanwipe tool from symantec to completely remove everything.
serverman- thanks for that thought. There is no broadband software on that machine either.
We've given up as the user was out of time - wound up reformatting completely, reinstalling everythnig (including SEP) and all is well in the world. Too strange. I wish that I had more time to diagnose...
Thanks for the help.
serverman- thanks for that thought. There is no broadband software on that machine either.
We've given up as the user was out of time - wound up reformatting completely, reinstalling everythnig (including SEP) and all is well in the world. Too strange. I wish that I had more time to diagnose...
Thanks for the help.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Had to reinstall the os due to time contraints, though other suggestions here might be helpful to others.
ASKER
The smart card / user certificate option in the drop down is one item, then you goto properties and select smart card OR certificate.