Forum Discussion
Always on VPN Certificate Authority Configuration
Hey All, I'm relatively new here and figured I'd reach out to the community for some guidance on a project that I am working on. I am looking at the possibilty of implemeting and supporting an alway...
I did this about a year ago. You can use your existing Certificate Setup. Generally we just had to confirm Devices and Users are getting certs. As the two tunnels authenticate with them. I wouldn't re-invent PKI. I would use a new NPS and RAS server for it though, keep it simple. I didn't configure conditional access, just allowed access if computer and user are in domain groups.
I recommend Googling "Richard Hicks". He has a lot of good articles on it that help supplement the Microsoft ones.
I recommend Googling "Richard Hicks". He has a lot of good articles on it that help supplement the Microsoft ones.