Solved

ISA 2004 L2TP VPN using Certificates

Posted on 2011-09-28
2
625 Views
Last Modified: 2012-05-12
Hi Guys,

Trying to get L2TP (certifcates) to work between my VPN clients and ISA2004 server.

Have the following:

My own CA server on Domain X
My ISA server is stand-alone (not part of the domain)
Windows XP / 7 clients

Have installed a CA certifcate in the Trusted Root of ISA.  (This works fines as I use it for SSL traffic for OWA client -> ISA -> Exchange)

Using the CA web page http://local_ip/certsvr I have install a user certifcate on my client machine.

I have setup ISA to accept L2TP and use certifcate authentication.
I have setup the client to use L2TP and selected the certificate to use for authentication

Get error : the connection requires a certificate and no certifcate was found.  - Have checked the certifcate is there.

When using the L2TP and the pre-shared key - all works well.  So I know its a certificate issue.

Anyone came across this before.

Any help... much appreciated.

IM
0
Comment
Question by:ianmclachlan
2 Comments
 

Author Comment

by:ianmclachlan
ID: 36813714
Opp'sss sorry... Think I realise whats I have done wrong..

I use RADIUS for authentication.  I assume thats where I set the EAP(Certifcates) not on the ISA server.

Can anyone confirm this.

IM
0
 
LVL 10

Accepted Solution

by:
simonlimon earned 500 total points
ID: 36939489
Have you issued an ipsec certificate to both isa and the client. L2tp requores a machine certificate as well?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

939 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

3 Experts available now in Live!

Get 1:1 Help Now