VPN Router Setup Q's

cousin_borat

Hi,

I am setting up a VPN solution for my brothers office and could really do with some pointers.

the previous solution used a 3com router/firewall that supported PPTP VPN passthrough to a WinXP machine that acted as a VPN host. Since this only supports 1 user at a time and also for security we decided on investigating in a hardware solution.

We purchased a Linksys VPN router
The setup is going to be remote clients logging onto the office intranet using ADSL/ISDN or Dial-Up.

The router supports IPSEC so I would like to use this.

My questions are:
apart from configuring the router on the LAN site and the clients themselves. 1) Do I have to configure the Windows 2000 server ie for authentication purposes, etc
2) after configuring the router and IP filters on a client and attempting the VPN over a dial-up I got an error 781, stating that no certificate was present.
Where do I get this certificate from and is it necessary?

Any answers to these or pointers would be greatly appreciated.

Cheers

jayok

Hello cousin_borat,

1) Depends on the authentication selected. You could user an IKE shared secret jobbie with no need for user authentication or use specific RADIUS authentication. Simplest is shared secret.

2) Yes, you'll need a certificate to complete the VPN setup. I believe with the linksys routers you can generate one of these internally or if you cannot simply install Certificate Services on the DC on your network and issue one from there.

Jason.

cousin_borat

Thanks for that.

Some of the laptops that will be VPN clients are already joined to the domain however some others are already in remote locations.

How can I get certificates onto these machines?