The 2004 box is a member of the domain and thus trusts the root cert, right?
http://www.ISAserver.org
Trying to get certifiace based Eap authentication working for PPTP VPN clients on ISA 2004 from a windows 2000 professional PC. Have followed instructions in Toms books. Seems very straightforward. Have used a stand alone CA on a win 2000 server.
Have put machine cert on ISa 2004 Configures ISA 2004 for Eap Done Eap user mapping Issued Cert to remote VPN win 2000 client
All certs look OK but I get the following error messages in the isa2004 event log when I try and connect. The first message appears the first time I try and connect after a re-boot. Subsequent connection attempts always generate the second message.
Message 1
Because no certificate has been configured for clients dialing in with EAP-TLS, a default certificate is being sent to user northgatevhnet\mark_wrightson_nmh. Please go to the user's Remote Access Policy and configure the Extensible Authentication Protocol (EAP).
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Message 2
The user mark_wrightson_nmh connected from 195.171.160.45 but failed an authentication attempt due to the following reason: A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Any ideas
MW
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: thor@xxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx