I have installed Certificate Services on a three Windows
2003 servers. One is a root CA, one is an intermediate CA
and one is the issuing CA. All approriate trusting
certficates have been issued.
I attempting to set up VPNs using L2TP/IPSec from client
computers off site (not part of the domain). I know I
need a computer certificate on the client but when I
access the Web Enrollment page my only options in
the 'Certifate Template' dropdown are; 'Authenticated
Session' (when logged into the Web Enrollment page at
Authenticated user level) or 'Authenticated
Session', 'IPSec (Offline Request)', 'Subordinate CA'
or 'Web Service' if I am logged into the Web Enrollment
page as a domain admin. Regardless of whichever I choose
the certificate gets installed on my local client as a
user certificate.
If I attempt to use the Certificate Request Wizard in the
mmc I receive a message that states no issuing CA can be
located. However if I at least join the client computer
to the domain, disconnect the network connection and dial
into my network, I am then able to request/install a
machine certificate. I don't want to have to do this with
off-site clients.
Any advice on adding additional certificate types to the
template dropdown so I could request and install a machine
certificate on my local client would be appreciated.
|
Similar Threads
Linear Mode
