Re: IPSEC Certificate

From: "Phillip Windell" <philwindell@xxxxxxxxxxx>
Date: Fri, 18 Apr 2008 11:41:46 -0500

L2TP doesn't *require* a Cert,...you can use a Pre-shared Key or a Cert.

As far as security, they are not likely to break in by hacking PPTP,...they
would get in by aquiring a User's credentials because users are not careful
about that stuff. Probably half their family and several of their
co-workers know their credentials if the truth was known.

If you do want to use the Cert,..yes you can buy one from any vendor. Check
with the vendor to get the right type of Cert.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.mspx

Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------

"Hutch" <Hutch@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:2E9E0698-4AAF-4734-94FC-6F992FBAE56A@xxxxxxxxxxxxxxxx

Investigating ISA 2006 as a VPN option for our organization. I have
tested
out the PPTP VPN and it is pretty straightforward, but the security it
provides won't be enough for our agency.

I would like to use L2TP\IPSEC but that looks like a more complicated
beast.
Seems to involve setting up our own PKI environment, which I don't have
the
time for.

Can I use a CA such as Verisign or Comodo instead?? How would I set that
up?? Any help would be greatly appreciated.

We are running a full 2003 AD domain. Users would authenticate to the
DC's.
I am going to be setting up a Virtual testing environment to look at the
different options.

Regards,

Follow-Ups:
- Re: IPSEC Certificate
  - From: Hutch

References:
- IPSEC Certificate
  - From: Hutch

Prev by Date: IPSEC Certificate
Next by Date: Re: IPSEC Certificate
Previous by thread: IPSEC Certificate
Next by thread: Re: IPSEC Certificate
Index(es):
- Date
- Thread

Relevant Pages

Re: Cant remotely connect to ISA server from external network
... Changing IP#s won't cause you to need a new Cert. ... Microsoft Internet Security & Acceleration Server: Partners ... Microsoft ISA Server Partners: Partner Hardware Solutions ... new certificate and applied it to the IP listener in the ISA firewall. ...
(microsoft.public.isa)
Re: VPN CMAK & UseWinLogonCredentials ??
... Microsoft Internet Security & Acceleration Server: Partners ... Microsoft ISA Server Partners: Partner Hardware Solutions ...
(microsoft.public.isa.vpn)
Security Training - course
... Organizations of all sizes want to implement the latest Microsoft ... technologies to enhance security on their networks, ... to get hands-on experience with key security technologies - and learn how to ... help Partners develop the ability to sell additional security-related ...
(microsoft.public.security)
security training course
... Organizations of all sizes want to implement the latest Microsoft ... technologies to enhance security on their networks, ... to get hands-on experience with key security technologies - and learn how to ... help Partners develop the ability to sell additional security-related ...
(microsoft.public.windows.server.security)
Re: Just getting started in pen-testing
... mailing list because now I'm taking a network security class. ... Pentesting to me as I said before is similar to an art. ... my most "coveted" for lack of better terms cert is the OSCP because I ... me to understand network and systems heavily before even focusing on tools. ...
(Pen-Test)