3. Double-click on the Quarantined VPN Clients network.
4. Select the Quarantine tab.
5. Check the Enable Quarantine Control box.
6. Click OK after the warning pops up.
The Quarantine tab, shown in Figure 9.39, allows for the option to quarantine based on
ISA Server policies, the method described here, or via RADIUS policies, which may be
required in certain circumstances. In addition, the option to disconnect users that don??™t
pass quarantine is offered. In some cases, limited support to a smaller range of network
services may be desired for VPN clients in quarantine, so this option is not always checked.
FIGURE 9.39 Enabling VPN Quarantine on the ISA server.
273
9
Enabling ISA Server 2006 VPN Quarantine
Finally, exempt users or groups can be specified based on ISA User Sets, which can parse
AD, RADIUS, or SecurID group membership. This allows for exemptions to Quarantine to
be established for choice groups of VPN clients. To add clients, make changes to the
Quarantine tab as necessary, then click OK, and Apply.
Customizing a CMAK Package for VPN Quarantine
The clients in a VPN Quarantine configuration must be addressed to properly implement
this type of solution.
Pages:
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474