Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick Road Warrior Windows 7: Difference between revisions

m
clean up, typos fixed: eg → e.g. (2)
m (clean up, typos fixed: eg → e.g. (2))
 
(5 intermediate revisions by one other user not shown)
<indicator name="RoadW">[[File:Menu-Road-Warrior.svg|link=:Category:FireBrick_IPsec_Road_WarriorFireBrick IPsec Road Warrior|30px|Back up to the FireBrick Road Warrior Category Page]]</indicator>
== Windows setup ==
 
# Using a command window, or the '''Start|Run''' box, execute the command <tt>'''mmc'''</tt> (and answer Yes when asked if you want to allow changes).
# Select '''Add/Remove Snap-in''' from the File menu, choose the '''Certificates''' snap-in and add it to selected snap-ins.
# A dialog will ask if you want to manage certificates for the user account, a service account or computer account. You must select <tt>'''Computer Account'''</tt> here in order to manage the system certificates. If you do not select this, or you start up the certificate manager in some other way (ege.g. using <tt>certmgr.msc</tt>, you will not be able to install the certificate system-wide, and the Windows IPsec subsystem will not find it. Click '''Next'''.
# Another dialog will ask which computer to manage. Choose <tt>'''Local computer'''</tt>. Click '''Finish'''
# Finally click on <tt>'''OK'''</tt> to start the certificate manger snap-in.
Now you need to set up the IPsec network connection details.
 
# Go to Start - '''Control Panel''' then Network and selectInternet, then 'View network status and tasks then <tt>'''Set up a new connection or network'''</tt>.
# Select <tt>Connect to a Network</tt> and choose <tt>'''Connect to a Workplace'''</tt>.
# Click <tt>Next</tt>, select <tt>No, create a new connecton</tt>, <tt>Next</tt>
# Choose <tt>Use my Internet connection (VPN)</tt>
# Insert the server name (ege.g. <tt>server.example.com</tt>), and choose whatever you like to name the connection (Destination name). (the Server name needs to match the name in the generated certificate, this is usually a hostname rather than an IP address)
# Select <tt>'''Don't connect now; ...'''</tt>
# You don't need to enter User name and password as it will ask again later
# Click on <tt>'''Create'''</tt> and then <tt>'''Close'''</tt> (Don't connect yet!)
# Back at the Network and Sharing Center dialog, select <tt>'''Connect to a network'''</tt>
# Right-click the connection you have just created in the pop-up box and select <tt>Properties</tt>
# Select the <tt>Security</tt> tab, and change the Type of VPN to IKEv2.
 
 
=Help=
[[Category:FireBrick_IPsec_Road_Warrior|Windows]]
 
==Error 13801: IKE authentication credentials are unacceptable==
[[File:Win7-IPsec-error-ike2auth.PNG|framed|none|Error 13801]]
#Check that the hostname as set in the VPN settings matches the server certificate name, or:
#Double check that you selected 'Computer Account' in the steps above for the installing the certificate in the Certificate Manager
 
[[Category:FireBrick_IPsec_Road_WarriorFireBrick IPsec Road Warrior|Windows]]
editor
699

edits