I tried to set up a Point to site Connection without using a selfsigned certificate as it is described in various places.
Currently I have tried to use my PKI-Structure with an offline Root-CA and a subordinatie issuing CA. As I have tried to set up the VPN Connection without success - here are my questions:
- Is it necessary to upload the intermediate CA´s cer-File as well?
- Which certificate template am I supposed to use for the client certificate?
- As the CRL-Points are not reachable from the Internet - is a revocation check performed?
I hope someone can help.
Thanks -tom