Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
VPN Server can't be configured EAP for authorization with certificates
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
VPN Server can't be configured EAP for authorization wi... - 15.Sep.2005 9:06:00 AM
|
|
|
sonyan78
Posts: 5
Joined: 1.Aug.2005
Status: offline
|
Hello everybody.
I am trying to start VPN Server, authorizating clients with certificates.
VPN Server is ISA Server 2004 with windows 2003. The machine is not part of the active directory domain, and it is part of workgroup.On the same machine is installed Certification Authority. It has installed CRLs, but when i try to configure EAP, receive error "A certificate could not be found that can be used with Extensible Authentication Protocol".It is able clients to connect with PPTP using MSCHAP v2.0.
Is the machine must be member of domain, or CA is installed as Enterprice to be able to use certificates for authorization.
|
|
|
|
|
RE: VPN Server can't be configured EAP for authorizatio... - 15.Sep.2005 11:36:00 AM
|
|
|
ClintD
Posts: 1833
Joined: 26.Jan.2001
From: Keller, TX
Status: offline
|
What certificate do you have installedd on the ISA Server? In what storage? What attributes are listed in the Intended Purpose column?
Client Authentication must be listed in order for RRAS to use it.
Note - since you installed the CA on the ISA Server, don't try and use the certificate that has "All Purposes" in the Intended Usage column - this is the self-signed certificate of the CA and won't work for this.
[ September 15, 2005, 11:38 AM: Message edited by: ClintD ]
|
|
|
|
|
RE: VPN Server can't be configured EAP for authorizatio... - 16.Sep.2005 3:44:00 AM
|
|
|
sonyan78
Posts: 5
Joined: 1.Aug.2005
Status: offline
|
There is few certificates installed
in trusted root certification authorities
1.all purpose
2. Server authentication
3. IP security IKE intermediate
In personal storage there is
1.IP security IKE intermediate
2.Server authentication
3.Clietn authentication
in Intermediate certification authority
Certification Revokation list and certificates with purpose "all"
I had installed server, cient and IP security IKE type of certificates, but still can configure EAP from "routing and remote access " console.
What kind of certificate must be use. IP security or something else.
10x
|
|
|
|
|
RE: VPN Server can't be configured EAP for authorizatio... - 19.Sep.2005 5:34:00 AM
|
|
|
sonyan78
Posts: 5
Joined: 1.Aug.2005
Status: offline
|
ISA server must be member of Active directory domain and there is option for using EAP with smart card or certificate and Certification Authoriy must be also member of domain installed as Enterprice root, and there is such templates certificates(client and server)
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
