|
windows
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
VPN using L2TP and certificatesI am trying to create a VPN using L2TP with authentication by a certificate. I have created the certificate (PKCS12), imported into the Certificates (LOcal Computer)\Personal\Certificates. When trying to use the L2TP VPN connection (client), Windows reports that a suitable certificate is not found (error 798) for EAP. The certificate was created using openssl (as opposed to a Microsoft Certificate Services). My problem could be - I imported the certificate into the wrong location - The certificate is not compatible with Microsoft's schannel - Something else I can't figure out If anyone out there can shed any light on this problem, including confirming that I imported the certificate into the right place, I would appreciate it. Thanks in advance. Kind regards, Michael. What kind of VPN server?
You must have MS PKI implemented in you enviroment. Enterprise or stand alone Certification Authority installed. More info about implementing PKI in MS enviroment: http://www.microsoft.com/windowsserver2003/technologies/pki/default.mspx#EEF Show quote "Michael Ellis" wrote: > Hi, > > I am trying to create a VPN using L2TP with authentication by a > certificate. I have created the certificate (PKCS12), imported into the > Certificates (LOcal Computer)\Personal\Certificates. > > When trying to use the L2TP VPN connection (client), Windows reports > that a suitable certificate is not found (error 798) for EAP. > > The certificate was created using openssl (as opposed to a Microsoft > Certificate Services). > > My problem could be > - I imported the certificate into the wrong location > - The certificate is not compatible with Microsoft's schannel > - Something else I can't figure out > > If anyone out there can shed any light on this problem, including > confirming that I imported the certificate into the right place, I would > appreciate it. > > Thanks in advance. > > Kind regards, > Michael. > Hi, The VPN server is Windows 2000 Server. The problem is at the
client end not recognising the certificate. There is a Microsoft support page that states that third party certificates can be used so this is what I am attempting. The client doesn't find/recognise the certificate so it doesn't even attempt to make the connection. Thanks. Kind regards, Michael. =?Utf-8?B?TWFyZWs=?= <Ma***@discussions.microsoft.com> wrote in Show quote news:A95081A3-1947-4BDA-9618-B3C29FB22F9D@microsoft.com: > What kind of VPN server? > > You must have MS PKI implemented in you enviroment. > Enterprise or stand alone Certification Authority installed. > > More info about implementing PKI in MS enviroment: > http://www.microsoft.com/windowsserver2003/technologies/pki/default.ms p > x#EEF > > > "Michael Ellis" wrote: > >> Hi, >> >> I am trying to create a VPN using L2TP with authentication by a >> certificate. I have created the certificate (PKCS12), imported into >> the Certificates (LOcal Computer)\Personal\Certificates. >> >> When trying to use the L2TP VPN connection (client), Windows reports >> that a suitable certificate is not found (error 798) for EAP. >> >> The certificate was created using openssl (as opposed to a Microsoft >> Certificate Services). >> >> My problem could be >> - I imported the certificate into the wrong location >> - The certificate is not compatible with Microsoft's schannel >> - Something else I can't figure out >> >> If anyone out there can shed any light on this problem, including >> confirming that I imported the certificate into the right place, I >> would appreciate it. >> >> Thanks in advance. >> >> Kind regards, >> Michael. >> > May be the simplest way to make it functional is to implement MS PKI rather
than spending hours with this unknown issue. Computer ceritiface must be issued by CA known for RRAS server. Yes you import certificate to client machine, but how RRAS server know that this is the certificate issued by trusted authority? With what RRAS server compare it? Show quote "Michael Ellis" wrote: > Hi, The VPN server is Windows 2000 Server. The problem is at the > client end not recognising the certificate. There is a Microsoft > support page that states that third party certificates can be used so > this is what I am attempting. > > The client doesn't find/recognise the certificate so it doesn't even > attempt to make the connection. > > Thanks. > > Kind regards, > Michael. > > =?Utf-8?B?TWFyZWs=?= <Ma***@discussions.microsoft.com> wrote in > news:A95081A3-1947-4BDA-9618-B3C29FB22F9D@microsoft.com: > > > What kind of VPN server? > > > > You must have MS PKI implemented in you enviroment. > > Enterprise or stand alone Certification Authority installed. > > > > More info about implementing PKI in MS enviroment: > > http://www.microsoft.com/windowsserver2003/technologies/pki/default.ms > p > > x#EEF > > > > > > "Michael Ellis" wrote: > > > >> Hi, > >> > >> I am trying to create a VPN using L2TP with authentication by a > >> certificate. I have created the certificate (PKCS12), imported into > >> the Certificates (LOcal Computer)\Personal\Certificates. > >> > >> When trying to use the L2TP VPN connection (client), Windows reports > >> that a suitable certificate is not found (error 798) for EAP. > >> > >> The certificate was created using openssl (as opposed to a Microsoft > >> Certificate Services). > >> > >> My problem could be > >> - I imported the certificate into the wrong location > >> - The certificate is not compatible with Microsoft's schannel > >> - Something else I can't figure out > >> > >> If anyone out there can shed any light on this problem, including > >> confirming that I imported the certificate into the right place, I > >> would appreciate it. > >> > >> Thanks in advance. > >> > >> Kind regards, > >> Michael. > >> > > > >  |
|||||||||||||||||||||||
Other interesting topics