Setting up an L2TP/IPSec VPN. VPN Clients will be AD domain members. WS2003
SP1 functional-level domain & Enterprise CA.

Group Policy is set to auto-renew certs as they expire. VPN Clients will be
connecting on demand from existing Windows sessions (not using "Log on using
dialup"). The script that makes the VPN connection will include GPUPDATE
/FORCE /WAIT:0. Users logging on will not be admins.

1. Will these VPN clients have their certs auto-renewed before expiration?

2. If not, is there a command line method to script renewal during the CMAK
connection?

--
Jeff Vandervoort
JRVsystems