I am trying to create a VPN using L2TP with authentication by a
certificate. I have created the certificate (PKCS12), imported into the
Certificates (LOcal Computer)\Personal\Certificates.
When trying to use the L2TP VPN connection (client), Windows reports
that a suitable certificate is not found (error 798) for EAP.
The certificate was created using openssl (as opposed to a Microsoft
Certificate Services).
My problem could be
- I imported the certificate into the wrong location
- The certificate is not compatible with Microsoft's schannel
- Something else I can't figure out
If anyone out there can shed any light on this problem, including
confirming that I imported the certificate into the right place, I would
appreciate it.
> Hi,
>
> I am trying to create a VPN using L2TP with authentication by a
> certificate. I have created the certificate (PKCS12), imported into the
> Certificates (LOcal Computer)\Personal\Certificates.
>
> When trying to use the L2TP VPN connection (client), Windows reports
> that a suitable certificate is not found (error 798) for EAP.
>
> The certificate was created using openssl (as opposed to a Microsoft
> Certificate Services).
>
> My problem could be
> - I imported the certificate into the wrong location
> - The certificate is not compatible with Microsoft's schannel
> - Something else I can't figure out
>
> If anyone out there can shed any light on this problem, including
> confirming that I imported the certificate into the right place, I would
> appreciate it.
>
> Thanks in advance.
>
> Kind regards,
> Michael.
>
Hi, The VPN server is Windows 2000 Server. The problem is at the
client end not recognising the certificate. There is a Microsoft
support page that states that third party certificates can be used so
this is what I am attempting.
The client doesn't find/recognise the certificate so it doesn't even
attempt to make the connection.
Thanks.
Kind regards,
Michael.
=?Utf-8?B?TWFyZWs=?= <Marek@discussions.microsoft.com> wrote in
news:A95081A3-1947-4BDA-9618-B3C29FB22F9D@microsoft.com:
> What kind of VPN server?
>
> You must have MS PKI implemented in you enviroment.
> Enterprise or stand alone Certification Authority installed.
>
> More info about implementing PKI in MS enviroment:
> http://www.microsoft.com/windowsserv...pki/default.ms
p
> x#EEF
>
>
> "Michael Ellis" wrote:
>
>> Hi,
>>
>> I am trying to create a VPN using L2TP with authentication by a
>> certificate. I have created the certificate (PKCS12), imported into
>> the Certificates (LOcal Computer)\Personal\Certificates.
>>
>> When trying to use the L2TP VPN connection (client), Windows reports
>> that a suitable certificate is not found (error 798) for EAP.
>>
>> The certificate was created using openssl (as opposed to a Microsoft
>> Certificate Services).
>>
>> My problem could be
>> - I imported the certificate into the wrong location
>> - The certificate is not compatible with Microsoft's schannel
>> - Something else I can't figure out
>>
>> If anyone out there can shed any light on this problem, including
>> confirming that I imported the certificate into the right place, I
>> would appreciate it.
>>
>> Thanks in advance.
>>
>> Kind regards,
>> Michael.
>>
>
May be the simplest way to make it functional is to implement MS PKI rather
than spending hours with this unknown issue.
Computer ceritiface must be issued by CA known for RRAS server. Yes you
import certificate to client machine, but how RRAS server know that this is
the certificate issued by trusted authority? With what RRAS server compare it?
"Michael Ellis" wrote:
> Hi, The VPN server is Windows 2000 Server. The problem is at the
> client end not recognising the certificate. There is a Microsoft
> support page that states that third party certificates can be used so
> this is what I am attempting.
>
> The client doesn't find/recognise the certificate so it doesn't even
> attempt to make the connection.
>
> Thanks.
>
> Kind regards,
> Michael.
>
> =?Utf-8?B?TWFyZWs=?= <Marek@discussions.microsoft.com> wrote in
> news:A95081A3-1947-4BDA-9618-B3C29FB22F9D@microsoft.com:
>
> > What kind of VPN server?
> >
> > You must have MS PKI implemented in you enviroment.
> > Enterprise or stand alone Certification Authority installed.
> >
> > More info about implementing PKI in MS enviroment:
> > http://www.microsoft.com/windowsserv...pki/default.ms
> p
> > x#EEF
> >
> >
> > "Michael Ellis" wrote:
> >
> >> Hi,
> >>
> >> I am trying to create a VPN using L2TP with authentication by a
> >> certificate. I have created the certificate (PKCS12), imported into
> >> the Certificates (LOcal Computer)\Personal\Certificates.
> >>
> >> When trying to use the L2TP VPN connection (client), Windows reports
> >> that a suitable certificate is not found (error 798) for EAP.
> >>
> >> The certificate was created using openssl (as opposed to a Microsoft
> >> Certificate Services).
> >>
> >> My problem could be
> >> - I imported the certificate into the wrong location
> >> - The certificate is not compatible with Microsoft's schannel
> >> - Something else I can't figure out
> >>
> >> If anyone out there can shed any light on this problem, including
> >> confirming that I imported the certificate into the right place, I
> >> would appreciate it.
> >>
> >> Thanks in advance.
> >>
> >> Kind regards,
> >> Michael.
> >>
> >
>
>
VPN using L2TP and certificates 
Linear Mode
