Hi ,
A valid computer certificate and root certificate are required on both VPN client and VPN server.
Certificate enrollment for computers that are not domain members cannot be
done with auto-enrollment. When a computer is joined to a domain, a trust
is established that allows auto-enrollment to occur without administrator
intervention. When a computer is not joined to a domain, trust is not
established and a certificate is not issued.
So for non-domain member computers you must enroll certificates manually.
For how to request certificate from a non-domain computer, you can refer to the following link:
Best Regards,
Candy
--------------------------------------------------------------
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.