getting IPSec Certificates for VPN access for non domain members
- From: "Franz Schenk" <franz.schenkNOSPAM@xxxxxxxxxxxxxxxx>
- Date: Thu, 4 Jan 2007 17:02:55 +0100
We have implemented certificate based L2TP/IPSec VPN solutions on different
customer sites based on Enterprise CA's and RRAS, most of them on Windows
2003 standard edition.
- certificates for domain computers are automatically distributed over GPO
and active directory
- certificates for external notebook computers are installed over the
https://servername/certsrv Website when these notebooks are connected to the
internal LAN
We have now virtualized our remote support workstations and need machine
certificates for VPN remote access. Moving our physical virtual server to
the customers is not an option. Have discovered that the private key of an
installed certificate on one of our notebooks is marked as not exportable.
The reaseon for this is probably the original Microsoft IPSec (offline
request) template. Have then successfully duplicated the IPSec (Offline
Request) template, and changed the "export private key" property of the
duplicated template. But this new template can not be enabled in the
certification authority Administration tool, it's not available.
- Is this a limitation of Windows 2003 standard edition?
- Is there a solution to get the certificate requested on
https://server/certsrv into a file for installing the certificate on another
computer?
- Does anyone knows another way to get a customer certificate into the
certificate store of our remote support computer?
Thank you all in advance for any help!
Franz
.
- Prev by Date: Re: How do I get rid of an aggressive/relentless pop-up?
- Next by Date: Re: How do I get rid of an aggressive/relentless pop-up?
- Previous by thread: Terminal Server with Roaming Profile Locks Accounts
- Next by thread: Re: Security update 927978 for MSXML 4.0, for MSXML 4.0 SP1, and for M
- Index(es):
Relevant Pages
|
