Re: L2TP Error 781

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Ron Lowe (ron-msng_at_{d.e.l.e.t.e.}lowe-family.me.uk)
Date: 02/10/05 

Date: Thu, 10 Feb 2005 21:21:35 -0000

" Newscene" <not_real@internet.org> wrote in message
news:420bb5c9$0$75851$45beb828@newscene.com...
>I am in the process of converting our RRAS connections from PPTP to L2TP.
>We have the Certificate Service running on one of the domain servers and
>have generated a private certificate. I have used several differt methods
>for getting the certificate onto an XP client for testing: using the Web
>Request and using the direct File Import. Both of these worked and the
>certicate appears in the client certificate store.
>
> When we attempt to make the L2TP connection however we continue to get
> "Error 781 The connection requires a certificate and no valid certificate
> was found". I've tried Google and searching Micorosft but all I find are
> explanations that yhou have to install a certificate blah blah blah, all
> of which we have done and verified using the methods described in the
> various docs I found through Google. It APPEARS that everything is correct
> but clearly it isn't.
>
> Can anyone shed some light on this?
>
> Thanks
> John
> jrs_listsubs [AT] insyte [DOT] com [DOT] us (for obvious reasons don't use
> the 'dot us' part :-)
>

If you dbl-click the cert in the client store, is ther any problem with it?

General Tab:

Is it in-date? If the PCs clock is way out, then the cert can be
invalidated.
Is it's Intended Puropse correct?

In the Certification Path tab:

Is it's parentage good?

XP has root certs for commercial CAs installed by default, but your CA will
need to have its root cert installed.

If the cert was created on your DC, then the Enterprise Cert Authority root
cert from the DC Cert Server needs to be installed on the client before the
client cert can be recognised.

Look in the Trusted Root Cert Authorites for your Enterprise CA. If it's not
listed, the client can't verify the cert.

If necessary, get the root cert and install it on the client. 

-- 
Best Regards,
Ron Lowe
MS-MVP Windows Networking

Relevant Pages

  • Re: Radius Server
    ... > so I'm guessing the client needs the Server Certificate, ... > export it from the server and import it to the client. ... >> But if you deployed EAP-TLS, you need a server cert and a client ...
    (microsoft.public.windows.server.networking)
  • Re: OWA Form Resetting
    ... Depends on the client browsers... ... The reason why you are getting alerts regarding the certificate being ... both the ISA server computer as well as the external ... I can view the cert and the certs ...
    (microsoft.public.isa)
  • Re: L2TP Error 781
    ... >have generated a private certificate. ... >for getting the certificate onto an XP client for testing: ... If you dbl-click the cert in the client store, is ther any problem with it? ... Look in the Trusted Root Cert Authorites for your Enterprise CA. ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: L2TP Error 781
    ... >have generated a private certificate. ... >for getting the certificate onto an XP client for testing: ... If you dbl-click the cert in the client store, is ther any problem with it? ... Look in the Trusted Root Cert Authorites for your Enterprise CA. ...
    (microsoft.public.windowsxp.work_remotely)
  • Re: L2TP Error 781
    ... >have generated a private certificate. ... >for getting the certificate onto an XP client for testing: ... If you dbl-click the cert in the client store, is ther any problem with it? ... Look in the Trusted Root Cert Authorites for your Enterprise CA. ...
    (microsoft.public.windowsxp.security_admin)