ras/IAS

[Jeff Miller]

i have a cisco wireless access point that properly gets a certificate from
the CA, and authenticates through RAS and AD.

One thing that i notice, it will only allow a user to connect if the machine
is part of the domain. Is there a way to allow them in, if they are not
part of the domain? We tried exporting the CA, however that was
unsuccessful as well.

 

[Priya Raghavan [MSFT]]

Hi Jeff,

You can connect to the RAS Server even if your client is not in the domain.
You can export the personal certificate and the root certificate, store it
in your file system and install them into the machine even when it is not in
the domian.

Steps to export a certificate are described in the HELP available in the
certificates snap-in. You need to export both PFX and CER files.
Can you explain what problems you are facing with exporting the certs ?
Are you using EAP authentication or L2TP connection ?

Thanks,
Priya.