Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS |
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Discussion on Configuring Calling VPN Gateway to use EAP/TLS cert authentication
Users viewing this topic:
none
Logged in as: Guest
Login
Discussion on Configuring Calling VPN Gateway to use EA... - 25.Aug.2003 4:34:00 AM
tshinder
Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
This thread is for discussing the article on calling VPN gateway using certificate authentication at:http://isaserver.org/tutorials/g2geapcertauthpart1.html HTH, Tom [ August 27, 2003, 09:02 AM: Message edited by: tshinder ]
RE: Discussion on Configuring Calling VPN Gateway to us... - 11.Sep.2003 10:46:00 PM
josem
Posts: 33
Joined: 23.Apr.2001
From: New York
Status: offline
Tom, Will EAP/TLS work with VPN client connections also?
RE: Discussion on Configuring Calling VPN Gateway to us... - 12.Sep.2003 1:10:00 AM
tshinder
Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Jose, Of course! Very secure when you can't use L2TP/IPSec. I've got an article on www.isaserver.org/shinder on how to do it, IIRC. HTH, Tom
RE: Discussion on Configuring Calling VPN Gateway to us... - 12.Sep.2003 5:03:00 AM
kmbuchanan
Posts: 13
Joined: 3.Sep.2003
From: Lexington, NC
Status: offline
I have tried your handy-dandy handbook on ISA...but when I enable the EAP certificate auth, it gives an eror 789/798 - no certificate found suitable for eap auth. ...ideas? I install the IPSec cert and the root CA is trusted. I have tried so many options - I am about to give up! HELP! Tom - thanks for helping an entire community of ISA users! -Kevin
RE: Discussion on Configuring Calling VPN Gateway to us... - 12.Sep.2003 3:15:00 PM
tshinder
Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Kevin, OK, I've been there myself. Guess what the problem is? The machine has to be a domain member! Is your server a stand-alone machine? Thanks! Tom
RE: Discussion on Configuring Calling VPN Gateway to us... - 13.Sep.2003 5:39:00 AM
kmbuchanan
Posts: 13
Joined: 3.Sep.2003
From: Lexington, NC
Status: offline
quote: Originally posted by tshinder:Hi Kevin, OK, I've been there myself. Guess what the problem is? The machine has to be a domain member! Is your server a stand-alone machine? Thanks! Tom
RE: Discussion on Configuring Calling VPN Gateway to us... - 13.Sep.2003 5:42:00 AM
Guest
CA Cert Server: 2k3 server - stand alone - non member Laptop in DMZ Zone: 2k Pro - domain member The laptop was joined to the domain on the trusted network, assigned a certificate, then moved it to the DMZ (WLAN). -Kevin
RE: Discussion on Configuring Calling VPN Gateway to us... - 13.Sep.2003 7:46:00 PM
tshinder
Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Ken, The CA has to be an enterprise CA, and the firewall or RADIUS server has to be in the same domain as the enterprise CA. HTH, Tom
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread Reply to Message Post New Poll Submit Vote Delete My Own Post Delete My Own Thread Rate Posts