Archived from groups: microsoft.public.win2000.security (More info?)
A computer or ipsec certificate WITH private key needs to be installed on
both the client computer and the VPN server and both computers need to trust
the issuing CA. For domain computers, that should happen automatically and
you can verify by looking in the local computer certificate store via the
mmc certificates snapin for computer and look in the trusted root folder.
Also keep in mind that for Windows 2000 as a VPN server, you can not use
l2tp if it is behind a NAT router/firewall. -- Steve
"mwebb" <firstname.lastname@example.org> wrote in message
>I have an XP workstation on an extranet. I want to connect this workstation
> to my Win2000 domain using a VPN connection.
> When I set up the connection PPTP work fine. When I attempt to connect
> LT2P I get a message that the workstation does not have the proper
> I have obtained an IPSEC certificate and a user certificate from my domain
> CA and installed them on the workstation but the LT2P connection still
> refuses to connect because of certificates.
> What certificates do I need and in what store so the LT2P VPN connection
> will work?