Certificate server redundancy


From: Kevin Davies (kevin_at_the-gerbil.nospam.freeuk.com)
Date: 08/31/04


Date: Tue, 31 Aug 2004 00:06:58 GMT

Hi!
I'm in the process of setting up a W2K3 server / Windows XP client IPSEC /
L2TP VPN service. Everything so far works fine in the lab, except the target
service will have multiple DCs for the single domain for resilience. I would
like to configure the system to have more than one certificate server to
allocate machine certificates, however I'm at a loss as to how to do this.
Configuring one DC as an enterprise CA works wonderfully, but configuring a
second one as a subordinate CA then powering the enterprise CA and DC off
doesn't seem to result in allocation of certificates that can be used to
establish a VPN connection.

Is having a resilient certificate server possible and / or practical, or am
I making a fundamental mistake here?

Thanks

Kevin


