Certificates and IPSec
I have domain controllers on either side of a firewall. I want to set up communication between them with IPSec so I can close up the firewall a bit. I have the IPSec filters set up, but I'm not sure how how to configure the Certificate Authority portion. Does anyone have instructions on this?
Thanks,Scott
July 16th, 2008 9:09pm
Hello,
Check on the following tech articles that should help:
Deployment Planning (Best Practices for Implementing a Microsoft Windows Server 2003 Public Key Infrastructure)
http://technet2.microsoft.com/windowsserver/en/library/c3f67fb4-a1ae-43ed-b30e-fe1b183a553d1033.mspx
IPSec support for client-to-domain controller traffic and domain controller-to-domain controller traffic
http://support.microsoft.com/kb/254949
How to install a certificate for use with IP Security in Windows Server 2003
http://support.microsoft.com/kb/323342
Free Windows Admin Tool Kit Click here and download it now
July 18th, 2008 1:38pm
Thank you for the response. The articles were very useful, but I'm still not clear on how to set up the CA, specifically..."the CA must be set up to allow IPSEC certificates. The instructions in this article assume that you have permitted Client Authentication, IPSEC, and IPSEC (Offline Request)"How can I accomplish this?Thanks,Scott
July 22nd, 2008 6:40pm
Does anyone have any documentation on how to do this?Thanks,Scott
Free Windows Admin Tool Kit Click here and download it now
August 8th, 2008 10:23pm
Any info?
November 18th, 2008 5:32pm
hi scottyp55,are you still stuck with the same error ?if not please let us know, we usually do not keep the threads open for more than a week, and i see that the thread is opened since an year, we will be regressing the threads and if you feel your problem is not resolved we will further go ahead and troubleshoot the issue. Else we would mark the question as answer or mark the best possible action plan as answerthanks for understanding.sainath
windows driver development.
Free Windows Admin Tool Kit Click here and download it now
May 30th, 2009 10:18am
Yes. I am still having the same issue.I am still waiting on a response for"the CA must be set up to allow IPSEC certificates. The instructions in this article assume that you have permitted Client Authentication, IPSEC, and IPSEC (Offline Request)"How can I accomplish this?Thanks,Scott
June 3rd, 2009 10:50pm