Open the IAS Console (Start, All Programs, Administrative Tools, Internet
Authentication Service).
2. Right-click the Remote Access Policies node and click New Remote Access Policy.
3. At the Wizard welcome screen, click Next to continue.
4. At the subsequent dialog box, shown in Figure 9.12, select Use the Wizard to Set Up
a Typical Policy for a Common Scenario.
5. Enter a name for the policy, and click Next to continue.
6. From the list of access methods, select VPN and click Next.
7. Under the User or Group Access dialog box, select Group, and then click the Add
button.
8. Enter a name of an Active Directory Group whose members will have VPN access
and then click OK and then Next to continue.
9. Select the authentication protocols that the policy will support. For security reasons,
it is often best to only allow MS-CHAP v2. Click Next to continue.
FIGURE 9.12 Creating a Remote Access Policy for RADIUS VPN authentication.
241
9
Utilizing RADIUS Authentication for VPN Connections
10. Select the various levels of IPSec encryption that will be supported. Allowing weaker
levels of encryption can be a security threat, but can allow for greater compatibility.
Pages:
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428