Agile VPN (IKEv2) Certificates: Information request
Hello, I am using Windows 7's new Agile VPN feature (IKEv2 implementation) and have a question about certificate support. I know for sure that RSA certificates are supported and can be used without any troubles. Are DSA signitures supported (in the AUTH payload)? I am asking this due to the fact that when a VPN gateway sends an IKE_AUTH message (first response, the one with the first EAP-MSCHAPV2 request) having an IKE_AUTH payload signed using an X.509 Certificate Signiture in DSA format, the IKEv2 client will just keep retransmitting the first IKE_AUTH request. Any help would be appreciated. Also, is there a better place than these forums to ask for very technical questions (such as this one) for the IKEv2 implementation? I don't want/need code, just might require some advanced help from someone who actually knows how it is working. I would also like to report a bug which can be exploited by a gateway to crash the VPN service (which restarts automatically) and renders the specific connection used to cause the crash unusable until the system is rebooted; how can I do that? Regards, Matt
July 31st, 2010 11:23am

Hi Matt, I believe this forum is a better place for very technical questions on VPN: http://social.technet.microsoft.com/Forums/en-US/ForefrontedgeVPN/threads Regards,
Free Windows Admin Tool Kit Click here and download it now
August 9th, 2010 5:23am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics