Configure the answering router for certificate-based EAP

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To configure the answering router for certificate-based EAP

Open Routing and Remote Access.
Right-click the name of the remote access router, and then click Properties.
On the Security tab, click Authentication Methods.
In the Authentication Methods dialog box, select the Extensible authentication protocol (EAP) check box, click OK, and then click OK again.
In the console tree, double-click the router name, and then click Remote Access Policies.
In the details pane, right-click the remote access policy that will be used by your certificate-based routers, click Properties, and then click Edit Profile.
On the Authentication tab, select the Extensible Authentication Protocol check box, click Smart card or other certificate (TLS), and then click Configure.
In the Smart Card or Other Certificate (TLS) Properties dialog box, select the machine certificate you want to use, and then click OK.
Click OK to save the settings of the profile, and then click OK again to save the settings of the policy.

Note

To perform this procedure, you must be a member of the Administrators group. As a security best practice, consider using the Run As command rather than logging on with administrative credentials. If you have logged on with administrative credentials, you can also open Routing and Remote Access by clicking Start, clicking Control Panel, double-clicking Administrative Tools, and then double-clicking Routing and Remote Access. For more information, see Default local groups, Default groups, and Using Run as.

Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.