You are probably allowing both PPTP and L2TP. I think most clients would negotiate PPTP first, and if that fails, then they'll try L2TP. Since PPTP requires no cert, and your RAS/RADIUS server allows PPTP, then the clients are not negotiating L2TP which is where your cert will come into play.
Sincerely,
Dèjì Akómöláfé, MCSE MCSA MCP+I
Dèjì Akómöláfé, MCSE MCSA MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon
From: Sieber R., DP ITS, FIP, DD
Sent: Thu 6/24/2004 9:27 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Using certificates to authenticate computers
Hello all, for our VPN access I want to allow only computers with a valid certificate to access the network. I've installed a CA, enrolled a certificate and also made an alternative name mapping to this certificate. When the computer logs on to the network without (deleted) certificate it works too. Where is my mistake? Does anybody has an idea? Robert List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/