VPN Clients Using Certificates: Difference between revisions
Jump to navigation
Jump to search
(Created page with "*Actions Listed in {Curly Braces} may *not* be present, depending on the configuration of your computer ==Using Windows 7 (Adaptable to Windows 8)== #Navigate to the Control...") |
No edit summary |
||
| Line 1: | Line 1: | ||
BEFORE YOU BEGIN: you need the following information: | |||
A P12 Certificate with a password | |||
A username/password combination for L2TP | |||
The Hostname or IP Address of your company firewall | |||
*Actions Listed in {Curly Braces} may *not* be present, depending on the configuration of your computer | *Actions Listed in {Curly Braces} may *not* be present, depending on the configuration of your computer | ||
==Using Windows 7 (Adaptable to Windows 8)== | ==Using Windows 7 (Adaptable to Windows 8)== | ||
#Press Windows Key+R to open a run window=>Enter mmc in the only available field=>click OK | |||
#In the window the opens, click file=>Add/Remove Snapin | |||
#Double-Click Certificates=>Select Computer Account and click Next=>Select Local Computer and click Finish=>Click OK | |||
#In the left pane, expand Certificates=>right click Personal=>Select All tasks=>Click Import | |||
#Click Next=>Click Browse=>navigate to the location of your P12 file | |||
#At the bottom right of the window, use the drop down menu to select Personal Information Exchange=>Double click your P12 file | |||
#Click Next=>Enter your Certificate Password=>click Next=>Select "Automatically Select ..."=>Click Next=>Click Finish | |||
#Close this window=>Select No when prompted to save | |||
#Navigate to the Control Panel=>{Network and Internet}=>Network and Sharing Center=>Select "Set up a new connection or network" | #Navigate to the Control Panel=>{Network and Internet}=>Network and Sharing Center=>Select "Set up a new connection or network" | ||
#Select "Connect to a workplace"=>Next=>{Select "No, Create a new connection"}=>Select "Use my Internet connection (VPN)" | #Select "Connect to a workplace"=>Next=>{Select "No, Create a new connection"}=>Select "Use my Internet connection (VPN)" | ||
| Line 8: | Line 21: | ||
#The "Destination Name" field requires an arbitrary value that identifies what you are connecting too (IE put anything that identifies to you personally what you are connecting too) | #The "Destination Name" field requires an arbitrary value that identifies what you are connecting too (IE put anything that identifies to you personally what you are connecting too) | ||
##If you are unsure what to put in this field, use your Company's Name | ##If you are unsure what to put in this field, use your Company's Name | ||
#Click Next=>Enter the Username provided to you=>Enter the Password provided to you | #Click Next=>Enter the L2TP Username provided to you=>Enter the L2TP Password provided to you | ||
#Click Connect=>Let the connection fail (this may take a while)=>Click "Set up the connection anyway" | #Click Connect=>Let the connection fail (this may take a while)=>Click "Set up the connection anyway" | ||
#In the lower-right corner of your screen by the clock, click the network icon | #In the lower-right corner of your screen by the clock, click the network icon | ||
#The value you entered for "Destination Name" above will be listed here=>right click it=>Choose properties=>Select the "Security" tab | #The value you entered for "Destination Name" above will be listed here=>right click it=>Choose properties=>Select the "Security" tab | ||
#Set "Type of VPN" to "Layer 2 Tunneling Protocol with IPSec (L2TP/IPSec) | #Set "Type of VPN" to "Layer 2 Tunneling Protocol with IPSec (L2TP/IPSec)" | ||
#Click the button called "Advanced"=> | #Click the button called "Advanced"=>Deselect "Verify the Name and Usage attributes for the server's certificate"=>Click OK | ||
#Set "Data encryption" to "Optional encryption (connect even if no encryption)" | #Set "Data encryption" to "Optional encryption (connect even if no encryption)" | ||
#Under "Authentication", ensure "Allow these protocols is selected=>Ensure "Unencrypted Password (PAP) is deselected=>Ensure "Challenge Handshaek Authentication Protocol (CHAP)" is selected | #Under "Authentication", ensure "Allow these protocols is selected=>Ensure "Unencrypted Password (PAP) is deselected=>Ensure "Challenge Handshaek Authentication Protocol (CHAP)" is selected | ||
Revision as of 13:55, 24 January 2014
BEFORE YOU BEGIN: you need the following information: A P12 Certificate with a password A username/password combination for L2TP The Hostname or IP Address of your company firewall
- Actions Listed in {Curly Braces} may *not* be present, depending on the configuration of your computer
Using Windows 7 (Adaptable to Windows 8)
- Press Windows Key+R to open a run window=>Enter mmc in the only available field=>click OK
- In the window the opens, click file=>Add/Remove Snapin
- Double-Click Certificates=>Select Computer Account and click Next=>Select Local Computer and click Finish=>Click OK
- In the left pane, expand Certificates=>right click Personal=>Select All tasks=>Click Import
- Click Next=>Click Browse=>navigate to the location of your P12 file
- At the bottom right of the window, use the drop down menu to select Personal Information Exchange=>Double click your P12 file
- Click Next=>Enter your Certificate Password=>click Next=>Select "Automatically Select ..."=>Click Next=>Click Finish
- Close this window=>Select No when prompted to save
- Navigate to the Control Panel=>{Network and Internet}=>Network and Sharing Center=>Select "Set up a new connection or network"
- Select "Connect to a workplace"=>Next=>{Select "No, Create a new connection"}=>Select "Use my Internet connection (VPN)"
- In the "Internet Address" field, enter the hostname or IP address of your company firewall provided to you by your company
- The "Destination Name" field requires an arbitrary value that identifies what you are connecting too (IE put anything that identifies to you personally what you are connecting too)
- If you are unsure what to put in this field, use your Company's Name
- Click Next=>Enter the L2TP Username provided to you=>Enter the L2TP Password provided to you
- Click Connect=>Let the connection fail (this may take a while)=>Click "Set up the connection anyway"
- In the lower-right corner of your screen by the clock, click the network icon
- The value you entered for "Destination Name" above will be listed here=>right click it=>Choose properties=>Select the "Security" tab
- Set "Type of VPN" to "Layer 2 Tunneling Protocol with IPSec (L2TP/IPSec)"
- Click the button called "Advanced"=>Deselect "Verify the Name and Usage attributes for the server's certificate"=>Click OK
- Set "Data encryption" to "Optional encryption (connect even if no encryption)"
- Under "Authentication", ensure "Allow these protocols is selected=>Ensure "Unencrypted Password (PAP) is deselected=>Ensure "Challenge Handshaek Authentication Protocol (CHAP)" is selected
- "Microsoft CHAP Version 2 (MSCHAP v2)" can be selected or deselected, but "Automatically use any Windows logon name and password" should not be selected
- Click OK
- In the lower-right corner of your screen by the clock, click the network icon=>Select the same connection=>Click Connect=>{Click Connect}
- A Note on saving passwords: do not save the password unless you are the only one using this computer, instead enter it every time you connect
Using a Mac
- I would generally discourage trying to get certificates working on a Mac. if it can be made to work, it is certainly a dauntingly technical task that seems to get harder with every release of the Mac OS X operating system.