MikeBroderick
 asked on

2012 RAS Failed to apply IP Security on port.

I am getting many errors in the event log similar to:

Failed to apply IP Security on port VPN0-34 because of error: A certificate could not be found.  Connections that use the L2TP protocol over IPSec require the installation of a machine certificate, also known as a computer certificate..  No calls will be accepted to this port.

I look at the Certificate Store for the local machine and there are no certificates. Could this be the problem, and how do I fix it?

I have an SBS 2003 domain to which I am adding 2 Win2012 DCs that will someday replace the 2003. One 2012 server has a couple of certificates in its local store. The other one doesn't and is getting the above messages. Both 2012 servers are fresh; I can remove and start over if this is a serious problem.

Thanks
Windows Server 2012


8/22/2022 - Mon
Mahesh

In order to run an L2TP VPN connection, the server and the connecting client computer should both have a computer certificate for mutual authentication.

http://technet.microsoft.com/en-us/library/cc757207(v=ws.10).aspx

It's not a serious problem. If you are using the servers as Windows L2TP VPN servers, then you must install a Computer (Server) certificate on both servers and a computer certificate on the client computers; otherwise these steps are not necessary.

You need at least an internal CA server to provide certificates.

Mahesh
MikeBroderick

ASKER
Thank you for your reply. I think the problem is there are no certificates in the Computer Store on the server that I am having problems with (SVR04). There are 3 certificates on the machine that works (SVR03). I followed the instructions given, adding an entry to group policy then running the command gpupdate. I still do not have certificates in the SVR04 local machine store. Do I need to specify the CA server somewhere? The TechNet article said on step 6 (adding the entry) that the CA server name should appear. It didn't.

FYI, my SBS 2003 server (SVR02) is the CA for the domain. I plan on changing that in the future.
ASKER CERTIFIED SOLUTION
Mahesh

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
MikeBroderick

ASKER
Yes, the CA's (SVR02) root certificate is installed. When I request a certificate I get the error "The RPC Server is unavailable".
MikeBroderick

ASKER
I've decided to delete the server (it's a VM) and start over. Thanks for your help.
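
An added example, not part of the original thread or of any participant's answer: a PowerShell check for the condition the event-log error names (no usable certificate in the local machine's Personal store), followed by a reachability test of the issuing CA. The `$CAConfig` value is a placeholder, since the thread gives the CA host (SVR02) but not the CA's common name.

```powershell
# Added diagnostic sketch; run in an elevated PowerShell 3.0+ session on the RRAS server.
param(
    # Placeholder "<CA host>\<CA common name>"; the common name is not given in the thread.
    [string]$CAConfig = 'SVR02\<CA-common-name>'
)

$now   = Get-Date
$certs = @(Get-ChildItem -Path Cert:\LocalMachine\My)

if ($certs.Count -eq 0) {
    Write-Warning 'LocalMachine\My is empty: there is no machine certificate for L2TP/IPsec to use.'
}

# A certificate is only usable if its private key is present on this machine
# and the current time falls inside its validity window.
$report = foreach ($c in $certs) {
    [pscustomobject]@{
        Subject       = $c.Subject
        Issuer        = $c.Issuer
        Thumbprint    = $c.Thumbprint
        HasPrivateKey = $c.HasPrivateKey
        InValidity    = ($c.NotBefore -le $now -and $c.NotAfter -ge $now)
        # Listed for review only; this sketch does not decide which EKUs are acceptable.
        EKU           = ($c.EnhancedKeyUsageList | ForEach-Object { $_.FriendlyName }) -join ', '
    }
}
$report | Format-List

$usable = @($report | Where-Object { $_.HasPrivateKey -and $_.InValidity })
"Usable machine certificates in LocalMachine\My: $($usable.Count)"

# Ask the CA's certificate request interface to respond. A failure here matches
# the "RPC server is unavailable" error seen when requesting a certificate.
certutil.exe -config $CAConfig -ping
if ($LASTEXITCODE -ne 0) {
    Write-Warning "CA '$CAConfig' did not answer the ping; certificate requests to it will fail until it does."
}
```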