VPN user certificate not being issued

Brian S 96 Reputation points
2021-11-10T14:38:31.627+00:00

Hello,
I am following this guide to set up always on VPN: https://www.youtube.com/watch?v=aZ-thDAfuBM

When I get to the step at 1:04:30, I noticed that the user certificate had not been issued to my test machine despite adding my user to the correct VPN users group. I also confirmed that VPN computer certs, NPS server certs, and VPN server certs are being issued correctly but the user cert never makes it to my machine. Is there something I am missing?

In fact, when I go to our internal CA I see that the cert was created but never made it to my machine.

Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,304 questions
{count} votes

Accepted answer
  1. Brian S 96 Reputation points
    2021-11-15T13:27:32.67+00:00

    It turns out I was looking in the wrong place. Here is the answer:

    You must look in the "Certificates - Current User" snap-in, not the local computer certificates for user-based certificates.

    No comments

1 additional answer

Sort by: Most helpful
  1. Limitless Technology 37,341 Reputation points
    2021-11-10T19:41:45.53+00:00

    Hello @Brian S

    Most likely it is a failure or misconfiguration in the policies for autoenrollment of the device. I would recommend to check the next article to set up the GPOs

    https://learn.microsoft.com/en-us/windows-server/remote/remote-access/vpn/always-on-vpn/deploy/vpn-deploy-server-infrastructure

    Hope this helps with your query,

    ---------
    --If the reply is helpful, please Upvote and Accept as answer--