locked
IKEv2 VPN using NPS in Server 2008 R2 RRS feed

  • Question

  • I am in the middle of IKEv2 VPN server setup in Server 2008 R2 and I would like to try with self signed certificate using Microsoft CA. Can any body please give the reference to generate the self singed certificate in details for IKEv2 vpn.


    • Edited by Karan.T Monday, July 2, 2012 11:28 AM
    Monday, July 2, 2012 11:27 AM

Answers

All replies

  • Neither SSTP nor  IKEv2 require a pre-shared key or certificate for client machine authentication. Only we must have the certificate in the VPN server, Is it correct?
    Monday, July 2, 2012 9:57 PM
  • Hi,

    For the remote client machine, we only need to verify that the issuer of the NPS server certificate was trusted. If you established a CA in your domain, make sure the CA was trusted in client side. If you using a NPS server self-signed certificate, add this certificate to all machines computer Trust Root Certification Authorities container.  

    Configure IKEv2-based Remote Access

    http://technet.microsoft.com/en-us/library/ff687731(v=ws.10)#BKMK_7

    Troubleshooting IKEv2 VPN Connections

    http://technet.microsoft.com/en-us/library/dd941612(WS.10).aspx

    Best Regards,

    Aiden


    Aiden Cao

    TechNet Community Support

    • Proposed as answer by Aiden_Cao Friday, July 6, 2012 1:22 AM
    • Marked as answer by Aiden_Cao Wednesday, July 18, 2012 6:24 AM
    Wednesday, July 4, 2012 5:20 AM
  • Thanks, I will try with given points.
    Monday, July 9, 2012 12:30 AM