none
Using A VPN Connection Between two Windows 7 Professional Systems

    Question

  • Hello Everyone:

     

       I am trying to create a VPN connection, to be used when I am away from home.  I have both a laptop and a desktop running Windows 7 Professional svcpk 1.  I am using a service from NO-IP.com that updates the IP Address on it's site in the event that the external IP address on my Modem/Router changes.  I just then only have to remember my own little URL.  I have set Type of VPN to IKEv2, Require encryption (disconnect if server declines), Use Extensible authentication Protocol (EAP)/Microsoft: Secured password (EAP-MSCHAP v2) (encryption).  Now I finally was able to get to the point of  connection and received a message (Certificate Required For This Connection).  Per the help documents within Windows 7, I created the certificates snap-in, then right clicked on the Certificates (Local Computer) pointed to All Tasks and clicked on (Automatically Enroll and Retrieve Certificates).  I then receive a pop-up box stating (Certificate auto-enrollment has not been enabled.)

     

       I have then gone to Local Security Policy  (Certificate Services Client - Auto - Enrollment) and changed this to enabled, rebooted the machine and I still receive the same (Certificate auto-enrollment has not been enabled)  This has all been done within an Administrator Account.

     

    Mark S. Gilliland

     

    *** Email address is removed for privacy ***


    Mark S. Gilliland

    Friday, September 27, 2013 9:53 PM

All replies

  • Hi,

    Membership in both the Enterprise Admins and the root domain's Domain Admins group is the minimum required to complete this procedure.

    And Group Policy settings must be enabled by an administrator before client computers can initiate autoenrollment.

    I’d like to share the following articles with you,hope can help you:

    Configure Certificate Autoenrollment

    http://technet.microsoft.com/en-us/library/cc731522.aspx

    AD CS: User autoenrollment should be enabled when an enterprise CA is installed

    http://technet.microsoft.com/en-us/library/dd379539(v=WS.10).aspx

    Regards,

    Yolanda

    Monday, September 30, 2013 12:45 PM
    Moderator
  • Yolanda:

    Thank you very much for the information.  The problem I have is that I am not running any Server of any kind.  I am simply running two Windows 7 Professional Machines.  Your advice is great, but I am not sure how it applies between a Home Desktop machine running Windows 7 Professional, which is behind a network NAT, with a private range IP Address, and a laptop which I will take on the road with me, and will connect to the Internet through a wireless Network at an RV Park which will then also have a private range IP Address.  I am trying to use IIS 7.5 on both machines to make the VPN connection.  At this point I receive an ERROR 789 saying I am behind a NAT which I already know.  I have my modem/router forwarding port 443/HTTPS to the desktop.  I also have a non fixed IP address, so I am trying to use a service through NO-IP.COM, that updates on their site should my modem's external IP Address change.

    Again thank you again for your assistance.  Why this is so baffling to me is that I have a degree in PC Networking and Systems Administration, with a Microsoft Specialization.  I thoroughly understand what you were pointing out, if I were actually trying to set this up on a Microsoft Server.

    Again Thank You for the information, and If you happen to understand this better now, any assistance would be appreciated.

    Mark


    Mark S. Gilliland

    Monday, September 30, 2013 10:23 PM
  •   The first thing to check is whether the VPN config is correct. VPN will work over any connection so I would make sure that it works when both machines are plugged into the LAN. When that works, you can start debugging the port forwarding and no-IP situation.

      As it is you have too many possible points of failure.

     

    Bill

    Tuesday, October 01, 2013 12:04 AM
  • Thank You Bill:

       I cannot seem to even get the VPN Connection to work on even the LAN only.  I just want to scream.  I did this twelve years ago, when I was in school, but I was using servers at the time, not just two client type machines.

    Mark


    Mark S. Gilliland

    Saturday, October 05, 2013 9:57 PM
  • Hi,

    I’d like to share the following article with you, hope can help you:

    How to set-up simple VPN connection between two remote computers. Step by Step using with pictures.

    http://xkrishx.wordpress.com/tag/how-to-set-up-simple-vpn-connection-between-two-remote-computers-step-by-step-using-with-pictures/

    Since you’re using a service from NO-IP.com, I also suggest you contact the noip.com for more information:

    http://www.noip.com/

    Note: Since the website is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Regards,

    Yolanda

    Monday, October 07, 2013 10:14 AM
    Moderator