Configure the Answering Router for Certificate-based EAP

Updated: April 30, 2010

Applies To: Windows Server 2008, Windows Server 2008 R2

To configure the answering router for certificate-based EAP

Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure.

1. Open the Routing and Remote Access MMC snap-in.

2. In the console tree, right-click the name of the answering router, and then click Properties.

3. On the Security tab, click Authentication Methods.

4. In the Authentication Methods dialog box, select the Extensible authentication protocol (EAP) check box, click OK, and then click OK again.

5. In the console tree, double-click the router name, and then click Remote Access Policies.

6. In the details pane, right-click the remote access policy that will be used by your certificate-based routers, click Properties, and then click Edit Profile.

7. On the Authentication tab, select the Extensible Authentication Protocol check box, click Smart card or other certificate (TLS), and then click Configure.

8. In the Smart Card or Other Certificate (TLS) Properties dialog box, select the machine certificate you want to use, and then click OK.

9. Click OK to save the settings of the profile, and then click OK again to save the settings of the policy.