This network can then be limited to only a specific set of low-risk
63.240.93.138
10.1.1.1
10.1.2.1
12.155.166.151
VPN Tunnel
Internet 10.1.2.0/24 10.1.1.0/24
San Francisco Minneapolis
FIGURE 3.29 Understanding a site-to-site VPN.
97
3
Examining the Cache Node Settings
activities. For example, it may be useful to validate that all clients have approved antivirus
software installed before full access to the network is granted.
VPN quarantine is not on by default, and must be specifically set up and configured.
Chapter 9 contains step-by-step procedures, but the configuration of VPN quarantine
consists of two processes. The first process involves configuring VPN client computers
with a special listener that reports to the ISA server if the client passes specified criteria
that are necessary for full access. The second component, illustrated in Figure 3.30,
involves checking the box in the Quarantined VPN Clients Properties dialog box.
Unlike the other VPN settings, you can invoke this dialog box in the Networks node by
double-clicking on the quarantined VPN clients network listed under the Networks tab of
the Details pane.
Pages:
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221