Hi, I've setup a windows 2008 server and im attempting to try and get L2TP running with x509 certificates. I created a CA, created a RRAS certificate according to the template and added into the local machine store of the server, i created a certificate for my client via the OfflineRouter template with the clients hostname as the 'name' field subject. i setup routing and remote access and it works with PPTP easily and L2TP with PSK's but when i disable the custom policty in the ipsec settings every attempt to connect from my client to my server via l2tp fails. client http://pastie.org/private/828mbejbiuvqmko5iftq server http://pastie.org/private/9tzsgk03jqlgafn824rq do i need to create a ipsec filter for l2tp or is it implied, from my reasearch i dont think i need to. and if anyone can point me in the direction of some kind of tutorial on how to do this it would be much apreciated. thanks. also what logfiles should i be looking at, most of the files in the tracing directory prove to be a mess.

the error on my client is: error 787 the l2tp connection attempt failed because the security layer could not authenticate the remote computer. please tell me what logfiles in particiluar i need to be looking at on the client and server. thanks....

Hello,i suggest to use the following forum for CA related questions:http://social.technet.microsoft.com/Forums/en/winserversecurity/threadsBest regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.