>From what I've read about Windows Server 2003, you have to have a certificate server to implement L2TP/IPSec. I don't expect to have many VPN clients. Is there a problem with buying certificates instead of running a certificate server? If I was to run my own certificate server, what best practices should I follow to keep it secure? I'm guessing it would NOT be a good idea to have the VPN server double as the certificate server (although that's what I'd like to do). I'm looking at implementing L2TP instead of PPTP because of the extra security it provides but It wouldn't do much good to have the extra security if my certificate server wasn't secure.
Thanks for your help. Curt ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
