Re: Certificates

From: Steven L Umbach (sumbach_at_nospam-ameritech.net)
Date: 03/11/04 

Date: Thu, 11 Mar 2004 01:36:09 GMT

You would use Web Enrollmnet to request a certificate as described in the
link below. For machine certificates to use for l2tp you need to enable
"offline ipsec" template in the CA Management Console. --- Steve

http://www.microsoft.com/windows2000/techinfo/planning/security/cawebsteps.asp

"Bernd" <anonymous@discussions.microsoft.com> wrote in message
news:ad3101c40706$45261b60$a101280a@phx.gbl...
> Hi
> I also run a L2TP/IPSec VPN. Issuing of
> user and computer certificates is no problem with
> Windows 2003 Server as long as the client computers
> are member of the domain.
> But how do you issue a computer certificate to a
> computer which is outside of the domain ?
> Auto Enrollment Policies cannot be used.
> Any help is wellcomed.
> Bernd
>
> >-----Original Message-----
> >I was about to say the same thing... If you use VPN all
> will be good.. That
> >is what we setup for our company. we also use iPass for
> dialing in to the
> >inet. That's good for users that are abroad or on travel.
> >
> >John Flint
> >
> >
> >
> >"Pawan Agarwal (MSFT)" <pawana@online.microsoft.com>
> wrote in message
> >news:ujRsu2qBEHA.1604@TK2MSFTNGP11.phx.gbl...
> >> This is possible by using L2TP/IPSec for VPN.
> >> look at Microsoft L2TP/IPSec VPN Client
> >>
> >http://www.microsoft.com/windows2000/server/evaluation/new
> s/bulletins/l2tpcl
> >ient.asp
> >>
> >> -Pawan
> >> --
> >> --------------------------------------------------------
> -----------------
> >> "This posting is provided "AS IS" with no warranties,
> and confers no
> >> rights."
> >> --------------------------------------------------------
> ----------------
> >> "ANDC" <andc.it@btconnect.com> wrote in message
> >> news:uZCcsmqBEHA.2308@tk2msftngp13.phx.gbl...
> >> > Hi,
> >> >
> >> > Can this be done first?
> >> >
> >> > I wish to configure remote clients to only access
> network resources (at
> >> HQ)
> >> > if they have a certificate installed (I plan to use
> Windows 2003
> >> Enterprise
> >> > Server). If a client does not have a certificate and
> is trying to
> >connect
> >> > from a certain IP address range then they will not be
> able to access any
> >> > network resources.
> >> >
> >> > The reason I though of certifcates as encrypt all the
> data. The end
> >user
> >> > will be connected to a wireless network.
> >> >
> >> > Does this make sense?
> >> >
> >> > thanks
> >> >
> >> >
> >>
> >>
> >
> >
> >.
> >

Relevant Pages

  • Re: Group Policy for Computer Certificates
    ... I thought that in windows server 2003 and XP GPO, ... specify a CA in the ACRS settings. ... > I'm attempting to get auto distribution of computer certificates working ... > Automatic Certificate Request Setup Wizard I select Computer certificate, ...
    (microsoft.public.windows.server.security)
  • Re: Group Policy for Computer Certificates
    ... I thought that in windows server 2003 and XP GPO, ... specify a CA in the ACRS settings. ... > I'm attempting to get auto distribution of computer certificates working ... > Automatic Certificate Request Setup Wizard I select Computer certificate, ...
    (microsoft.public.win2000.security)
  • Re: Cert Authority--Enterprise Stand Alone or both?
    ... Certificate Services as a certificate authority for PEAP ... >party CA I agree a Thawte or Verisign will be easier. ... >> go with a 3rd party web server certificate. ...
    (microsoft.public.win2000.security)
  • Re: Enterprise Certificate Authority and Computer Certificates
    ... use the ipsec offline router template ... > it is needed for l2tp] in the Certificate Authority Management Console ...
    (microsoft.public.win2000.security)
  • RE: updates after format
    ... if the Microsoft Server is down. ... software you are installing has not passed Windows Logo testing verify its ... When you try to download an ActiveX control, install an update to Windows ... and you do not have the appropriate certificate in your Trusted Publishers ...
    (microsoft.public.windows.mediacenter)