Tom,
I do not think you can use L2TP/IPSEC without a certificate.
Regards,
Aric
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom
Sent: Wednesday, November 24, 2004 8:28 AM
To: ActiveDir (E-mail)
Subject: [ActiveDir] Hate to beg..
I don't want
Then why oh why is kerberos an option?
thanks
-Original Message-
From: Bernard, Aric [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 24, 2004 11:37 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Hate to beg..
Tom,
I do not think you can use L2TP/IPSEC without a certificate
I would agree. The whole point behind IPSec/L2TP is having that
certificate.
Sorry
Steve
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Bernard, Aric
Sent: Wednesday, November 24, 2004 8:37 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Hate to beg
Can you clarify as to where you are seeing Kerberos as an option for
L2TP/IPSEC?
Thanks
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom
Sent: Wednesday, November 24, 2004 8:41 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Hate to beg
, November 24, 2004 11:41 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Hate to beg..
Then why oh why is kerberos an option?
thanks
-Original Message-
From: Bernard, Aric [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 24, 2004 11:37 AM
To: [EMAIL PROTECTED]
Subject: RE
PROTECTED]
Sent: Wednesday, November 24, 2004 11:51 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Hate to beg..
Can you clarify as to where you are seeing Kerberos as an option for
L2TP/IPSEC?
Thanks
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al
Sent: Wednesday, November 24, 2004 11:50 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Hate to beg..
Kerberos is not supported at least on W2K.
http://support.microsoft.com/default.aspx?scid=kb
.
Regards,
Aric
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al
Sent: Wednesday, November 24, 2004 8:50 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Hate to beg..
Kerberos is not supported at least on W2K.
http://support.microsoft.com
24, 2004 11:50 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Hate to beg..
Kerberos is not supported at least on W2K.
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q248711
There were supposed to be some changes for W2K3, but those were for IPSEC
(such as startup changes etc). I
]
Subject: RE: [ActiveDir] Hate to beg..
In secpol.msc under ip security policies on local machine. open up one
of the pre built policies and go to authentication. you have a choice of
pre shared key,cert and kerberos.
kerberos is checked off as the default.
Thanks
-Original Message-
From: Bernard
:02 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Hate to beg..
Let me clarify a little. It's a rare occurrence when you could use kerb
auth for this. Not likely designed for what you are wanting to do.
Click the Authentication Methods tab, configure the authentication method
that you want
the clients are already at the remote site.
whats a good way to get the machines the cert?
thanks
-Original Message-
From: Bernard, Aric [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 24, 2004 12:05 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Hate to beg..
Using certificate
:35 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Hate to beg..
SO like client to domain controller during logon?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Bernard, Aric
Sent: Wednesday, November 24, 2004 12:26 PM
To: [EMAIL PROTECTED]
Subject
In the case of Kerberos, no that would be the exception...
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Salandra,
Justin A.
Sent: Wednesday, November 24, 2004 9:35 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Hate to beg..
SO like client
without regard to the
policy specified in the GPO.
Hope this helps
Aric Bernard
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom
Sent: Wednesday, November 24, 2004 9:44 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Hate to beg..
So, you
Tom-
You can use Public Key policy to push certs to machines already in the
domain.
Darren
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom
Sent: Wednesday, November 24, 2004 9:27 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Hate to beg
?
Sorry for harping on this but MS has made it a little confusing to my small
mind.
Thanks
-Original Message-
From: Bernard, Aric [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 24, 2004 1:03 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Hate to beg..
L2TP, or Layer 2 Tunneling
17 matches
Mail list logo