STEP 5: Configure EDGE1 and 3-EDGE1 to use EAP for site-to-site authentication
Applies To: Windows Server 2012 R2, Windows Server 2012
On EDGE1, In the Routing and Remote Access snap-in, expand EDGE1, and then click Network Interfaces.
Right-click EDGE1@corp.contoso.com and then click Properties.
Click the Security tab and then select Use Extensible Authentication Protocol (EAP).
Right-click the IPsec template in the list, and then click Duplicate Template.
Select EAP-MSCHAP V2 in the dropdown menu
Click Ok.
When prompted for username\password, enter 3-EDGE1, Pass@word1
Windows PowerShell equivalent commands
The following Windows PowerShell cmdlet or cmdlets perform the same function as the preceding procedure. Enter each cmdlet on a single line, even though they may appear word-wrapped across several lines here because of formatting constraints.. Use the ipconfig /all command to list all the interfaces.
Set-VpnS2SInterface EDGE1 -Protocol IKEv2 –AuthenticationMethod –EAP –UserName "3edge1" –Password Pass@word1
On EDGE1, In the Routing and Remote Access snap-in, expand EDGE1, and then click Network Interfaces.
Right-click EDGE1@corp.fabrikam.com and then click Properties
Click the Security tab and then select Use Extensible Authentication Protocol (EAP).
Select EAP-MSCHAP V2 in the dropdown menu.
Click Ok.
When prompted for username\password, enter edge1, Pass@word1
Windows PowerShell equivalent commands
The following Windows PowerShell cmdlet or cmdlets perform the same function as the preceding procedure. Enter each cmdlet on a single line, even though they may appear word-wrapped across several lines here because of formatting constraints.. Use the ipconfig /all command to list all the interfaces.
Set-VpnS2SInterface EDGE1 -Protocol IKEv2 –AuthenticationMethod –EAP –UserName "edge1" –Password Pass@word1
On 3-EDGE1, in the console tree of the Routing and Remote Access snap-in, click Network Interfaces.
In the Details pane, right-click edge1@corp.fabrikam.com, and then click Connect.
Confirm that the connection state of VPN_Corpnet is connected.
- On DC1 at the Start menu, type cmd and then hit Enter. At the command prompt, type ping 10.6.0.2. Verify that there are four replies from 10.6.0.2. On 3-EDGE1, in the Internet Explorer address bar, type https://localhost/certsrv, and then press ENTER.