L2TP/IPSec vpn server with certificate and without joining a domain RRS feed

  • Question

  • I need to Configure a vpn server with certificate authentication. ca-server is standalone. an all machine not join any domain and there are workstation.i can't  connect vpn-client to vpn-server with L2TP/IPSEC and certificate but no problem when joined to domain.
    is any solution for L2TP/IPsec with certificate connection without joining a domain ?

    I setting up standalone ca server and install ca and server certificate in vpn-server and install ca and client certificate in client-server with enroll certificates manually.

    but when client connect to server with L2tp/IPSec error occured :

    A network connection between your computer and the VPN server was started, but the VPN connection was not completed. This is typically caused by the use of an incorrect or expired certificate for authentication between the client and the server. Please contact your Administrator to ensure that the certificate being used for authentication is valid.


    • Moved by Dave PatrickMVP Tuesday, December 29, 2020 1:37 PM looking for forum
    • Edited by alek1990 Thursday, December 31, 2020 7:42 AM
    Tuesday, December 29, 2020 1:33 PM


  • I'd try asking for help over here.

    windows-server-security - Microsoft Q&A



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    • Proposed as answer by Dave PatrickMVP Wednesday, December 30, 2020 10:05 PM
    • Marked as answer by Guido Franzke Tuesday, January 5, 2021 6:53 AM
    Tuesday, December 29, 2020 1:37 PM