Hi All,
I've installed a RRAS (Win2016) as an IKEv2 VPN server. The VPN authentication is configured to use a machine certificate on the clients. The clients (Windows 10) receive a computer certificate from an internal CA. So far everything is working as expected. Clients are connecting without any problems. The tighten the security I want to revoke certificates when necessary. When I revoke a certificate of a client and publish the CRL, clients are still able to connect. I double checked the CRL and confirmed the revoked certificate is on the list.
I already tried this setting:Netsh ipsec dynamic set config property=strongcrlcheck value=2
Any tips?