Lab Challenge
|
Processing Network Policies
|
Overview
|
To complete this challenge, you will describe how network policies are processed by writing the high-level steps of processing network policies.
|
Mindset
|
During this lab, you started to use NPS policies, specifically the Connection Request policies, and Network Policies. Although the connection request policy specified settings for the RADIUS server, the network policy will allow or disallow the remote access.
|
Completion time
|
10 minutes
|
What are the steps used when processing network policies?
1. In the NPS console tree, double-click Policies, and then click Network Policies
2. Right-click Network Policies, and then click new.
3. Under Policy Name, type a name for the network policy
4. Under Type of network access server, select Remote Access Server (VPN-Dial up),
5. click next. On the Specify Conditions page, click Next. In Select condition,
6. click Policy Expiration, and then add a specified date and time when the policy expires, click Ok. Click next,
7. On the Specify Access Permission, with access granted selected, choose Access is determined by User Dial-in properties (which override NPS policy.) On configure Authentication Methods, select next, On configure constraints, select next
8. On configure settings, select next Click next, and then click Finish.
End of the lab. You can log off or start a different lab. If you want to restart this lab, you’ll need to click the End Lab button in order for the lab to be reset.
Lab Challenge
|
Processing Network Policies
|
Overview
|
To complete this challenge, you will describe how network policies are processed by writing the high-level steps of processing network policies.
|
Mindset
|
During this lab, you started to use NPS policies, specifically the Connection Request policies, and Network Policies. Although the connection request policy specified settings for the RADIUS server, the network policy will allow or disallow the remote access.
|
Completion time
|
10 minutes
|
What are the steps used when processing network policies?
1. The operator attempts to initiate a remote access connection.
2. Remote Access server checks the conditions in the first configured NPS network policy.
3. If the conditions of this NPS network policy do not match, the Remote Access server checks the next configured NPS network policy. It keeps checking each policy until it finds a match or reaches the last policy.
4. Once the Remote Access Server finds an NPS network policy with conditions that match the incoming connection attempt, the Remote Access server checks any constraints (such as time of day or minimum encryption level) that have been configured for the policy.
5. If the connection attempt does not match any configured constraints, the Remote Access Server denies the connection.
6. If the connection attempt matches both the conditions and the constraints of a particular NPS network policy, the remote access server will allow or deny the connection, based on the Access Permissions configured for that policy.
No comments:
Post a Comment