Resources for using certificates with NPS and NAP

An interesting but also somewhat complicated element of deploying a network access method with or without a NAP health evaluation is the use of digital certificates. Digital certificates can be used to provide strong authentication for remote access VPN connections, IEEE 802.1X-authenticated wired and wireless connections, and IPsec-protected traffic.

Additionally, the following NAP enforcement methods use certificates:

· IPsec enforcement uses health certificates

· The 802.1X and VPN enforcement methods use the Protected Extensible Authentication Protocol (PEAP) method, which requires a computer certificate on the NPS server and a corresponding root certificate on the NAP client

Here are the key resources for learning about certificates and access methods with NPS:

· Certificates and NPS

· Certificate Requirements for PEAP and EAP

Additionally, here are two Foundation Network Companion Guides that describe certificate deployment for EAP and PEAP:

· The “Foundation Network Companion Guide: Deploying Server Certificates” available in HTML and Word document format

· The “Foundation Network Companion Guide: Deploying Computer and User Certificates” available in HTML and Word document format

Consume, assimilate, deploy, and enjoy!

Joe Davies