Tom, Nothing else! Some time ago we had the exact same problem. But then that box was very VERY slow and other things doesn't work either. So, we used my favorite command FDISK and rebuild the box from scratch. Problem solved ;-) BTW --- A PPTP connection with EAP-TLS works great. So, it must be something related to the machine certificate. Thanks, Stefaan -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: dinsdag 13 december 2005 21:34 To: [ISAserver.org Discussion List] Subject: [isalist] RE: Error 786: The L2TP connection attempt failed because there is no valid machine certificate on your computer for security authentication http://www.ISAserver.org Hi Stefaan, Anything in the Event viewer that might indicate something else is wrong? Tom Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls **Who is John Galt?** > -----Original Message----- > From: Stefaan Pouseele [mailto:stefaan.pouseele@xxxxxxxxx] > Sent: Tuesday, December 13, 2005 2:28 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Error 786: The L2TP connection attempt failed > because there is no valid machine certificate on your computer for > security authentication > > http://www.ISAserver.org > > Hi Tom, > > I have no access those machines at this moment. But as far as I can > remember, the whole certificate chain is correct and the clocks are > synchronized. > > Thanks, > Stefaan > > -----Original Message----- > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > Sent: dinsdag 13 december 2005 21:23 > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Error 786: The L2TP connection attempt failed > because there is no valid machine certificate on your computer for > security authentication > > http://www.ISAserver.org > > Hi Stefaan, > > Is the clock correct on the machines that aren't working? > > Is the CA certificate in the right place? > > Tom > > Thomas W Shinder, M.D. > Site: www.isaserver.org > Blog: http://spaces.msn.com/members/drisa/ > Book: http://tinyurl.com/3xqb7 > MVP -- ISA Firewalls > **Who is John Galt?** > > > > > -----Original Message----- > > From: Stefaan Pouseele [mailto:stefaan.pouseele@xxxxxxxxx] > > Sent: Tuesday, December 13, 2005 2:03 PM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] Error 786: The L2TP connection attempt failed > > because there is no valid machine certificate on your computer for > > security authentication > > > > http://www.ISAserver.org > > > > Hey guys, > > > > On two laptops with Windows XP SP2 we get the Error 786: The L2TP > > connection attempt failed because there is no valid machine > > certificate on your computer for security authentication. > > > > In the Event Security log we see Event ID's 547: > > > > IKE security association negotiation failed. > > Mode: Key Exchange Mode (Main Mode) > > Filter: <snip> > > Peer Identity: <snip> > > Failure Point: Me > > Failure Reason: No private key associated with machine certificate > > Extra Status: 0x80092004 0x0 > > > > We have verified that there is a valid machine certificate in the > > computer personal store with an associated private key. A > new machine > > certificate on the failing box isn't working either. Other machines > > are working great. So, something must be screwed up on this > particular > > boxes. > > > > Any idea how to solve that problem? > > > > Thanks, > > Stefaan > > > > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: stefaan.pouseele@xxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx