Machine Certificates for L2TP/IPSEC etc

From: "Rob" <monkeymagicau@xxxxxxxxx>
Date: 7 Feb 2006 21:09:48 -0800

I'm running SBS 2003 Premium SP1 with ISA 2004 Installed.

I am trying to get all computers (XP Pro SP2) on the network a machine
certificate to enable them to do L2TP/IPSEC when away from the office.

However, despite the Default Domain Policy showing that it is setup for
automatic issuing of Machine Certificates, none of the machines on the
network seem to have been issued them.

What is the process required to facilitate the automatic issuing of
Machine Certificates to domain computers via Group Policy within SBS?

.

Follow-Ups:
- Re: Machine Certificates for L2TP/IPSEC etc
  - From: Jan

Prev by Date: Re: certsrv.exe (1488)
Next by Date: RE: Defragmenting Windows 2003 SBS
Previous by thread: Re: certsrv.exe (1488)
Next by thread: Re: Machine Certificates for L2TP/IPSEC etc
Index(es):
- Date
- Thread

Relevant Pages

Re: Unauthorized Network Access
... You may want to look into using switches that use 802.1x authentication. ... require your computers to be W2K/XP/W2003. ... You then would issue certificates to the ... computers from a CA on your network which can be done automatically to domain members ...
(microsoft.public.win2000.networking)
Re: 802.1x Authentication over Wireless
... log on with the wire before they can connect onto the wireless. ... on to the network XXXXXXX". ... You don't understand how 802.1x works nor why certificates are published to ... you only want authorized users and computers to access your WiFi network. ...
(microsoft.public.security)
Re: IPSEC with non-domain Server
... Certificates are not the "most secure", rather, they are one of the 2 "more ... > authenticate computers and protect traffic integrity and confidentiality ... > Attacks on IPSec and Other Security Concerns ...
(microsoft.public.security)
Re: RADIUS and Certs
... Another option is to buy comercial certificates from third parties. ... IAS on our Windows 2003 server so we can use AD and stop having to ... We are a Windows 2000 domain with W2003 member servers. ... If you install a CA on your production network you won't be able to easily ...
(microsoft.public.internet.radius)
Re: All the members of a network are trusted ho sts
... I need to divide the network in trusted groups. ... I lack arguments in order to decide how to define or select trusted hosts ... -The server is a reliable source of time (even though it does not have the ... synchronized are trusted hosts, have trusted generated certificates. ...
(comp.protocols.time.ntp)