VPN Clients Using Certificates
BEFORE YOU BEGIN: you need the following items:
- A P12 Certificate with a password
- A username/password combination for L2TP
- The Hostname or IP Address of your company firewall
- NOTE: Actions listed in {Curly Braces} may *not* be present, depending on the configuration of your computer
Using Windows 7 (Adaptable to Windows 8)
- Press Windows Key+R to open a Run window=>Enter mmc in the only available field=>Click OK
- In the window that opens, click File=>Add/Remove Snap-in
- Double-Click Certificates=>Select Computer Account and click Next=>Select Local Computer and click Finish=>Click OK
- In the left pane, expand Certificates=>Right click Personal=>Select All Tasks=>Click Import
- Click Next=>Click Browse=>navigate to the location of your P12 file
- At the bottom right of the window, use the drop down menu to select Personal Information Exchange=>Double click your P12 file
- Click Next=>Enter your Certificate Password=>click Next=>Select "Automatically Select ..."=>Click Next=>Click Finish
- Close this window=>Select No when prompted to save
- Navigate to the Control Panel=>{Network and Internet}=>Network and Sharing Center=>Select "Set up a new connection or network"
- Select "Connect to a workplace"=>Next=>{Select "No, Create a new connection"}=>Select "Use my Internet connection (VPN)"
- In the "Internet Address" field, enter the hostname or IP address of your company firewall provided to you by your company
- The "Destination Name" field requires an arbitrary value that identifies what you are connecting to (i.e., put anything that identifies to you personally what you are connecting to)
- If you are unsure what to put in this field, use your Company's Name
- Click Next=>Enter the L2TP Username provided to you=>Enter the L2TP Password provided to you
- Click Connect=>Let the connection fail (this may take a while)=>Click "Set up the connection anyway"
- In the lower-right corner of your screen by the clock, click the network icon
- The value you entered for "Destination Name" above will be listed here=>right click it=>Choose properties=>Select the "Security" tab
- Set "Type of VPN" to "Layer 2 Tunneling Protocol with IPSec (L2TP/IPSec)"
- Click the button called "Advanced"=>Deselect "Verify the Name and Usage attributes for the server's certificate"=>Click OK
- Set "Data encryption" to "Optional encryption (connect even if no encryption)"
- Under "Authentication", ensure "Allow these protocols" is selected=>Ensure "Unencrypted Password (PAP)" is deselected=>Ensure "Challenge Handshake Authentication Protocol (CHAP)" is selected
- "Microsoft CHAP Version 2 (MSCHAP v2)" can be selected or deselected, but "Automatically use any Windows logon name and password" should not be selected
- Click OK
- In the lower-right corner of your screen by the clock, click the network icon=>Select the same connection=>Click Connect=>{Click Connect}
- A note on saving passwords: do not save the password unless you are the only one using this computer; instead, enter it every time you connect
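
For Windows 8 and later, the same import and connection setup can be scripted from an elevated PowerShell prompt. This is an added example, not part of the original guide; the file path, server address and connection name are placeholders, and the cmdlets used here are not available on Windows 7.

```powershell
# Added example (not from the original guide). Windows 8 or later, elevated prompt.
# Placeholder values: replace all three before running.
$P12Path    = 'C:\Temp\vpn-client.p12'  # location of your P12 file
$ServerAddr = 'vpn.example.com'         # hostname or IP address of the company firewall
$ConnName   = 'Example Company VPN'     # the "Destination Name"

# Ask for the certificate password so it is never stored in the script.
$P12Password = Read-Host -Prompt 'Certificate password' -AsSecureString

# Import into Local Computer\Personal, as in the mmc steps. The private key is
# left non-exportable because -Exportable is not passed. Every certificate in
# the file lands in this one store, unlike the wizard's "Automatically Select".
$imported = @(Import-PfxCertificate -FilePath $P12Path `
    -CertStoreLocation Cert:\LocalMachine\My -Password $P12Password)

# Sanity-check the client certificate before building the connection.
$client = $imported | Where-Object { $_.HasPrivateKey } | Select-Object -First 1
if (-not $client) { throw 'No certificate with a private key was imported.' }
if ($client.NotAfter -lt (Get-Date)) { throw "Certificate expired on $($client.NotAfter)." }

# L2TP with no -L2tpPsk uses certificate authentication for IPsec.
# PAP is left out; -RememberCredential and -UseWinlogonCredential are not set,
# matching the guide. EncryptionLevel Optional mirrors the "Data encryption" step.
Add-VpnConnection -Name $ConnName -ServerAddress $ServerAddr -TunnelType L2tp `
    -EncryptionLevel Optional -AuthenticationMethod Chap, MSChapv2

# Read the settings back and flag anything that differs from the guide.
$vpn = Get-VpnConnection -Name $ConnName
$vpn | Format-List Name, ServerAddress, TunnelType, L2tpIPsecAuth,
    AuthenticationMethod, EncryptionLevel, UseWinlogonCredential, RememberCredential
if ($vpn.L2tpIPsecAuth -ne 'Certificate') { Write-Warning 'IPsec is not using the certificate.' }
if ($vpn.AuthenticationMethod -contains 'Pap') { Write-Warning 'PAP is enabled.' }
if ($vpn.UseWinlogonCredential) { Write-Warning 'Windows logon credentials are in use.' }
if ($vpn.RememberCredential) { Write-Warning 'The L2TP password is being saved.' }
```

The script does not touch the "Verify the Name and Usage attributes for the server's certificate" checkbox, which is still set from the "Advanced" button as described above; the L2TP username and password are requested the first time you connect.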
Using a Mac
- I would generally discourage trying to get certificates working on a Mac. If it can be made to work, it is certainly a dauntingly technical task that seems to get harder with every release of the Mac OS X operating system.