Information Technology Reference
In-Depth Information
4.
Select the method that you want to use to authenticate your remote users to the server,
and click the Next button when complete. These are the options:
Extensible Authentication Protocol (EAP):
This option applies to certificate-based
authentication.
Microsoft Encrypted Authentication v2 (MS-CHAP v2):
If you select this option,
remote users will be required to supply a password. This option is enabled by default.
This option is not available for wireless access policies.
Microsoft Encrypted Authentication (MS-CHAP):
This option is less secure than
MS-CHAP and should only be used on networks that include operating systems that
do not support MS-CHAP v2. This option is not available for wireless access policies.
■
Note
If you select EAP, you must also select whether you want to use Protected EAP (PEAP) or a smart
card or other certificate.
5.
Select the level of encryption that you want to use on your connections, and click the
Next button when complete. These are the options:
Basic:
IPSec 56-bit DES or MPPE 40-bit
Strong:
IPSec 56-bit DES or MPPE 56-bit
Strongest:
IPSec Triple DES or MPPE 128-bit
No Encryption:
All data is sent in clear-text. This option is not available when config-
uring VPN policies, but it is available for dial-up policies.
6.
Click the Finish button to complete the wizard.
To create a custom policy, follow these steps:
1.
Select the option to Setup a Custom Policy, and provide a convenient name for the
policy in the field below. Then click the Next button.
2.
Specify the conditions that you want to enforce for this policy. Click the Add button to
view a list of predefined conditions. For each condition that you select, click its Add
button to specify the restrictions and parameters. When complete, click the Next button.
These are the options:
Authentication Type:
Specifies the authentication scheme that is used to verify the user
Called Station ID:
Specifies the phone number dialed by the user
Calling Station ID:
Specifies the phone number from which the call originated
Client Friendly Name:
Specifies the friendly name for the RADIUS client, if applicable
Client IP Address:
Specifies the IP address of the RADIUS client
