Re: L2TP Problem

Well .... do all the PC's have the root certification authority on the
trusted certifications authority's local machine store ?

....

Pedro A.

Jean-Pascal Laux escreveu:
praraujo@xxxxxxxxx a écrit :
well ... the registry key is needed for sure if the L2TP VPN
connection goes throught a NAT.

Have you tried to get a new certificate to that particular machine ?

Note that depending on the certificate template used some certificates
don't allow being exported ..

If you got the certificate from another machine and if the certificate
is exportable make sure that during the export procedure you also
export the private key.

The certificate may appear ok on the machine store but without a
private key is useless.

Pedro A.


Jean-Pascal Laux escreveu:
praraujo@xxxxxxxxx a écrit :
That link explains the problem but this one gives you the directions
http://support.microsoft.com/kb/885407/

Pedro A.
prara...@xxxxxxxxx escreveu:
Something has changed in SP2 for Win XP ...

Take a look at this link http://support.microsoft.com/kb/885348/en-us

I had that problem and this solved it


Pedro A.

Jean-Pascal Laux escreveu:
We use ISA Server 2005 SP1 and VPN clients (L2TP/IPSec). This
configuration works fine except for one client running Windows XP SP2
(all others clients run fine).

This computer always reports that the certificate has no private key but
when I check in a MMC with certificats snap-in, I can see that the
certificate has a vlid private key.

I check on Internet with no success.

Any idea ?

Thanks

Jean-Pascal
I know this article. The strange fact is only one computer doesn't work.
If I remove the registry key, the error is not the same...

I already tried all these solutions. About 10 pcs work with no problem.

Jean-Pascal

.

Relevant Pages

  • AcquireCredentialsHandle (Schannel) -- please HELP!
    ... I create a certificate programmatically in the LOCAL MACHINE store ... Now I can access the private key of the newly created certificate by ... if I create the same certificate in the CURRENT USER store, ...
    (microsoft.public.platformsdk.security)
  • RE: CryptAcquireContext failed. This CSP cannot be opened in silent mo
    ... template which is required in order to set the router (offline request) to be ... checkbox to store it in the machine store just doesn't work (posts online ... PPTP VPN tunnel using EAP-TLS certificate based authentication. ... new client cert for the Windows 2003 Std box but it didn't help. ...
    (microsoft.public.windows.server.networking)
  • Re: L2TP Problem
    ... Note that depending on the certificate template used some certificates ... export the private key. ... Pedro A. ... Jean-Pascal Laux escreveu: ...
    (microsoft.public.isa.vpn)
  • Re: L2TP Problem
    ... Note that depending on the certificate template used some certificates ... export the private key. ... Jean-Pascal Laux escreveu: ... If I remove the registry key, the error is not the same... ...
    (microsoft.public.isa.vpn)
  • Re: Client Certificate not reaching server
    ... The certificate is in the machine store - //machine-name/Personal... ... > certificate is stored in the personal store of the identity that will be ... I do have a private key installed. ...
    (microsoft.public.dotnet.security)