Psoasman wrote: » I believe you need to add the template. You would R-click the certificates template folder, then choose new template to issue, then select IPSec. This should add the IPSec template to your list of available templates to choose from.
Mikdilly wrote: » Thanks, will try this.
Psoasman wrote: » Uncheck use the default response rule, this will force the computer to negotiate IPSec before any connections can be made.
Mikdilly wrote: » I'd like to leave the options the same as they specify in the exercise which is to leave it selected. Further on in the exercise I get an error when enrolling the client by using the Certificates snap-in : The wizard cannot be started because of one or more of the following conditions: - There are no trusted certification authorities (CAs) available. - You do not have the permissions to request certificates from the available CAs. - The available CAs issue certificates for which you do not have permissions. The error comes up after clicking finish on the steps below. 1. Open a blank Microsoft Management Console (MMC) console, and then add the Certificates snap-in. When prompted to select the account, select Computer Account, and then select Local Computer. 2. Expand Certificates. Right-click Personal, click All Tasks, and then click Request New Certificate. The Certificate Request Wizard appears. 3. Click Next. On the Certificate Types page, click IPSec. 4. Click Next twice, and then click Finish. Searched the error and came toError message when a client computer requests a certificate from a computer that is running Windows Server 2003 with Service Pack 1: "The wizard cannot be started because of one or more of the following conditions" but it describes this error happening in 2003 SP1, i have SP2 on the CA server and the client, could this error still occur in SP2?
