
Connection Security rule doesn't work when using a computer certificate


Please bear with me as I am new to using AD CA as well as connection security rules. I am trying to deploy connection security rules as a way of verifying a remote computer that will connect to a resource in my environment. The two resources exist in different untrusted Active Directory forests.

I have configured the connection security rule and inbound / outbound rule for the encryption. When using a pre-shared key, the rule works just fine.

When I switch it to a computer certificate, it will not establish the IPsec connection. The destination (192.168.1.51) is also the AD CA. I have requested a "server auth" certificate and approved the certificate, installed the certificate into the remote computer, and then exported and imported it into the computer's personal store.

The only thing that I change between when it works and when it doesn't is changing the "first authentication methods" from preshared key to computer certificate.

Additionally, I have none of the "advanced" settings configured. 

I am literally at my wits' end with this. I have enabled Firewall verbose and connection verbose and am not getting any logs out of either. I cleared the event logs (this is a lab) and don't see anything that pertains to IPsec or connection security in either configuration (preshared key / computer certificate).

