Friday, November 27, 2015

Creating a Custom Remote Access Policy by Using the New Remote Access Policy Wizard

Policy Configuration Method:

                                                   Select Set up a custom policy, and then type an appropriate name for the policy, such as Authenticate BranchOfficeRouters.

Policy Conditions:

                                                 If this is a dial-up (non-VPN) connection:
  1. Click Add.
  2. Select Windows-Groups, click Add twice, and then specify the group name you created earlier (such as BranchOfficeRouters). Click OK twice to return to the Policy Conditions page.
  3. Click Add, and select NAS-Port-Type. Click Add, and select the appropriate device type, such as Async (Modem)ISDN Async V.100ISDN Async V.120, or ISDN Sync. Then click Add.
  4. Click Add, select Authentication Type, click Add, select either MS-CHAP v2 or EAP, and then click Add.
  5. Select and configure any other attributes for which you want to specify a setting.
-or-
If this is a VPN connection:
  1. Click Add.
  2. Select Windows-Groups, click Add twice, and then specify the group name you created earlier (such as BranchOfficeRouters). Click OK twice to return to the Policy Conditions page.
  3. Click Add, select NAS-Port-Type, click Add, select Virtual VPN, and then click Add.
  4. Click Add, select Tunnel-Type, click Add, select either Point-to-Point Tunneling Protocol or Layer 2 Tunneling Protocol (as appropriate), and then click Add.
  5. Click Add, select Authentication-Type, select either MS-CHAP v2 or EAP, and then click Add.
  6. Select and configure any other attributes for which you want to specify a setting.

Permissions:

                    Select Grant remote access permission.

Profile:

                   If you want to change the defaults, click Edit Profile, and then make the desired changes. For example, click Edit Profile, select the Encryption tab, select Strongest encryption, and clear any other selections.


No comments:

Post a Comment