Certificate Constraints
Hi, With creating x509 certificates what do i need to include in the request for the certificate to be valid for IPSEC/L2TP. I ask this question because i remember reading somewhere that you need to include some host name in the subject field for it to be valid but im not to sure exactly what it is. and while im here i might as well ask if there is anything else i need to include. Also, Do i need to make a x509 certificate ( via a template such as OfflineRouter ) on my l2tp VPN server side of things to get it working or not?
October 18th, 2009 2:53pm

See here for more informationHow to install a certificate for use with IP Security in Windows Server 2003Note:You have to supply the FQDN (Fully Qualiefd Domain Name) in the certificate.Certifications: MCSA 2003 MCSE 2003
Free Windows Admin Tool Kit Click here and download it now
October 18th, 2009 8:17pm

Hi, Please also ensure that both VPN client and server trust the CA certificate. You may refer to the following thread for more information: http://social.technet.microsoft.com/Forums/en-US/winserversecurity/thread/85b77873-4f1e-4a89-9d0f-34533364d658This posting is provided "AS IS" with no warranties, and confers no rights.
October 21st, 2009 1:39pm

This problem was because a extended attribute was missing and so the IKE negotiation failed. This link helped me fix my problem. http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/29f00a04-3412-42f1-b364-c89e4a1b5794 Thanks.
Free Windows Admin Tool Kit Click here and download it now
October 21st, 2009 2:01pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics