This *might* be out of the scope of the forums means, but I thought I asked anyway [:)]
We have 200 laptops to deploy (Windows 7, 64 Bit). We streamline our install as much as possible (use images, application deployment scripts and group policies). I like to streamline our l2tp over ipsec vpn connections and use the GPO to deploy it (Windows 2008 R2 domain). We are planning to use the native Microsoft VPN client for this connecting to an astaro SGS525.
In the GPO there is no way to put in the shared key so we will need to use certificates.
Astarto Setup
L2TP over IPsec
- Interface: External
- Authentication mode: X509 CA check
- Certificate ????
- Assign IP addresses by: DHCP Server
- DCHP Server: ******
- Reachable on interface: DHCP interface
-Authentication via: Radius
Currently in Remote access certificate management every user has a x509 cert created by the firewall self sign certificate authority.
Questions
1. Do I need to take my domain's CA and import it?
2. If I do need to import my domain's CA, do I need to make sure all users in AD have a X509 certificate?
3. What certificate do i use for the l2tp ca check?
4. Is there an easier way to deploy the l2tp settings to 200 laptops?
This thread was automatically locked due to age.
