I've been tasked with setting up a persistent IPSec VPN connection from a single Windows Server 2008 R2 server directly connected to the internet to another network. I've been provided the remote IP, preshared key, user name, and password. I do not know what the remote endpoint is at this time.
Needing a persistent connection, my first thought was Routing and Remote Access. I added the Network Policy and Access Services role, selecting the Remote Access Service role. I ran the RRAS configuration wizard, selecting "Secure connection between two private networks". I then added a new demand dial interface with the wizard set to L2TP and checked properties to change it to use a preshared key and the connection type to persistent connection. At this point, I tried to connect and got this message:
An error occurred during connection of the interface. A Demand Dial Router attempted to connect over a port that was reserved for Remote Access Clients only.
I looked this message up and found this article that says I need to set up a certificate:
This is where I am stuck. Can anyone provide some help on how to generate the certificate and where to configure it in RRAS?
I installed the CA service as a standalone root CA, but when I go to generate a certificate request in the Certificates MMC, there are no certificate enrollment policies.