Hi, I have a Single Active Directory domain. Enterprise CA (W2K3) - domain member. IAS(W2K3) -> domain member. RRAS(W2K3) -> non-domain member in the perimeter network. with this configuration, can I use EAP-TLS authentication ? If yes, how can I enroll and import user and computer certificate to remote non-domain members workstation ? (eg. employee's home PC) so it can successfully establish EAP-TLS ? If not, what's the highest security options with my currently configuration ? TIA Steven
