I've been tasked to come up with a 2 factor authentication method for VPN
without purchasing any additional hardware/software. First of all, running
my vpn server on a 2000 box in an NT 4.0 domain.
Can this be accomplished using Microsoft Certificate Services? If so, can
someone please point me to a decent white paper on how to accomplish this. I
have certificate services running, can request a token from the client
machine, install it and get username and password failed...no matter what I
have tried. When I go to the RAS server and try to edit the default profile
to use EAP, I get an error stating no certificate found that can be used for
If the above is not a possible solution, can anyone make any suggestions on
the best way to accomplish this?