Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

ISA 2004 L2TP VPN using Certificates

Posted on 2011-09-28
2
Medium Priority
?
703 Views
Last Modified: 2012-05-12
Hi Guys,

Trying to get L2TP (certifcates) to work between my VPN clients and ISA2004 server.

Have the following:

My own CA server on Domain X
My ISA server is stand-alone (not part of the domain)
Windows XP / 7 clients

Have installed a CA certifcate in the Trusted Root of ISA.  (This works fines as I use it for SSL traffic for OWA client -> ISA -> Exchange)

Using the CA web page http://local_ip/certsvr I have install a user certifcate on my client machine.

I have setup ISA to accept L2TP and use certifcate authentication.
I have setup the client to use L2TP and selected the certificate to use for authentication

Get error : the connection requires a certificate and no certifcate was found.  - Have checked the certifcate is there.

When using the L2TP and the pre-shared key - all works well.  So I know its a certificate issue.

Anyone came across this before.

Any help... much appreciated.

IM
0
Comment
Question by:ianmclachlan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 

Author Comment

by:ianmclachlan
ID: 36813714
Opp'sss sorry... Think I realise whats I have done wrong..

I use RADIUS for authentication.  I assume thats where I set the EAP(Certifcates) not on the ISA server.

Can anyone confirm this.

IM
0
 
LVL 10

Accepted Solution

by:
simonlimon earned 2000 total points
ID: 36939489
Have you issued an ipsec certificate to both isa and the client. L2tp requores a machine certificate as well?
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question