Hi Ben, You are correct. If you're using an ISA Firewall, you can use ClearTunnel add on to do this. Who knows, it *might* be included in the next version of the ISA Firewall.
Tom -----Original Message----- From: Ben Scott [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 30, 2008 10:23 PM To: NT System Admin Issues Subject: Re: L2TP vs. SSTP On Jan 30, 2008 11:10 PM, Ken Schaefer <[EMAIL PROTECTED]> wrote: > But the cn value in the presented certificate will not > match the FQDN that the client initially connected to. Why wouldn't it? The proxy has the CA key and can make up new certificates all day long, each one with the right CN/DN to match what the client requested in the HTTP proxy CONNECT method. -- Ben ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
