The procedure for deploying a VPN solution, as documented in the following sections, is based on the network architecture shown in Figure 23-4.
Figure 23-4. VPN certificate deployment
This network architecture assumes that the VPN client will connect to the network using an L2TP/IPsec tunnel and use EAP-TLS for user authentication, or utilize SSTP with EAP-TLS authentication. This requires that the following certificates be deployed before you start the actual network configuration:
RADIUS server: A RAS and IAS Server certificate
VPN Server: An IPsec certificate and a Web Server certificate
VPN Client Computer: An IPsec or an ...