Unfortunately, Microsoft imports the X.509 Certificate (the .p12
file) into the wrong place in the Registry when you double-click it. Instead of the certificate becoming a 'local machine' certificate, it becomes a 'user certificate', and as a result, the Microsoft IPsec subsystem will not be able to find it. To make matters more complicated, adding a certificate to the 'local machine' certificate store unfortunately also requires administrative rights.
Do not double-click the certificate and use the Certificate Import wizard. Instead, use the Microsoft Management Console (MMC) by selecting Start | Run and typing mmc in the input box.
Select Console | Add/Remove Snap-in. When the Add/Remove Snap-in dialog opens, click the Add button to open the Add Standalone Snap-in dialog.
Choose Certificates from the list of snap-ins, and click Add again to confirm. When prompted, select Computer Account, not the default selection of User Account, which will not...