I have installed the RRAS role in Windows 2012 R2 and configured it to provide for VPN connections using PPTP and L2TP/IPsec with PSK. I have defined policies for each in NPS. Both setups work correctly, I can succesfully establish both kinds of connections
using either a Windows client or an Ipad.
Now I want to configure IKEv2 type of connection. I want to do that wihout PKI as I asume this will not work for Ipads.
I have read this: https://technet.microsoft.com/en-us/library/dn614140.aspx and I am totally confused.
I understand I must install a server certificate with correct EKUs. How do I create a request for one or even a self-signed one? Where (in RRAS manager or in NPS?) do I specify which certificate to use with IKEv2?
I assume I have to setup a policy in NPS to provide for IKEv2 authentication. How?
Thanks & regards,
Andrej