RE: Error 786: The L2TP connection attempt failed because there is no valid machine certificate on your computer for security authentication
- From: "Stefaan Pouseele" <stefaan.pouseele@xxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 13 Dec 2005 21:56:43 +0100
Tom,
Nothing else!
Some time ago we had the exact same problem. But then that box was very VERY
slow and other things doesn't work either. So, we used my favorite command
FDISK and rebuild the box from scratch. Problem solved ;-)
BTW --- A PPTP connection with EAP-TLS works great. So, it must be something
related to the machine certificate.
Thanks,
Stefaan
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: dinsdag 13 december 2005 21:34
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Error 786: The L2TP connection attempt failed because
there is no valid machine certificate on your computer for security
authentication
http://www.ISAserver.org
Hi Stefaan,
Anything in the Event viewer that might indicate something else is wrong?
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**
> -----Original Message-----
> From: Stefaan Pouseele [mailto:stefaan.pouseele@xxxxxxxxx]
> Sent: Tuesday, December 13, 2005 2:28 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Error 786: The L2TP connection attempt failed
> because there is no valid machine certificate on your computer for
> security authentication
>
> http://www.ISAserver.org
>
> Hi Tom,
>
> I have no access those machines at this moment. But as far as I can
> remember, the whole certificate chain is correct and the clocks are
> synchronized.
>
> Thanks,
> Stefaan
>
> -----Original Message-----
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> Sent: dinsdag 13 december 2005 21:23
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Error 786: The L2TP connection attempt failed
> because there is no valid machine certificate on your computer for
> security authentication
>
> http://www.ISAserver.org
>
> Hi Stefaan,
>
> Is the clock correct on the machines that aren't working?
>
> Is the CA certificate in the right place?
>
> Tom
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> **Who is John Galt?**
>
>
>
> > -----Original Message-----
> > From: Stefaan Pouseele [mailto:stefaan.pouseele@xxxxxxxxx]
> > Sent: Tuesday, December 13, 2005 2:03 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] Error 786: The L2TP connection attempt failed
> > because there is no valid machine certificate on your computer for
> > security authentication
> >
> > http://www.ISAserver.org
> >
> > Hey guys,
> >
> > On two laptops with Windows XP SP2 we get the Error 786: The L2TP
> > connection attempt failed because there is no valid machine
> > certificate on your computer for security authentication.
> >
> > In the Event Security log we see Event ID's 547:
> >
> > IKE security association negotiation failed.
> > Mode: Key Exchange Mode (Main Mode)
> > Filter: <snip>
> > Peer Identity: <snip>
> > Failure Point: Me
> > Failure Reason: No private key associated with machine certificate
> > Extra Status: 0x80092004 0x0
> >
> > We have verified that there is a valid machine certificate in the
> > computer personal store with an associated private key. A
> new machine
> > certificate on the failing box isn't working either. Other machines
> > are working great. So, something must be screwed up on this
> particular
> > boxes.
> >
> > Any idea how to solve that problem?
> >
> > Thanks,
> > Stefaan
> >
> >
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
stefaan.pouseele@xxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
