Information Technology Reference
In-Depth Information
Client Vendor:
Specifies the manufacturer of the RADIUS proxy
Day and Time Restrictions:
Specifies a time window during which the remote
connections will be allowed
Framed Protocol:
Specifies the allowed protocols
MS RAS Vendor:
This description is a placeholder and is not yet defined
NAS Identifier:
Specifies the description of the network access server (NAS) that
originated the request
NAS IP Address:
Specifies the IP address of the NAS that originated the request
NAS Port Type:
Specifies the type of port that is used on the NAS that originated
the request
Service Type:
Specifies the type of service that the user has requested
Tunnel Type:
Specifies restrictions on VPN protocols
Windows Groups:
Specifies that only certain security groups are allowed to establish
connections
3.
Select the option to define whether the user will be granted or denied remote access if
the request meets the policy's conditions. Click the Next button.
4.
Click the Edit button to specify additional, advanced options, or click the Next button to
complete and exit the wizard.
5.
If you proceeded to edit the policy that you were in the process of creating, you can now
specify additional, advanced options, including the following:
Dial-In Constraints:
You can restrict the hours during which remote connections will
be accepted; you can accept connections only to specific phone numbers; and you
can permit connections only from specific media types, such as wireless, cable,
Ethernet, and others.
IP:
You can restrict the method of IP address assignment, such as whether the client
has the ability to request a particular IP address. You can also configure inbound and
outbound address filters. Addresses matching the criteria specified in the filters will
not be permitted to establish a connection; they will be discarded.
Multilink:
You can restrict whether and how multilink connections are permitted,
and you can configure Bandwidth Allocation Protocol (BAP).
Authentication:
You can force connections to authenticate via specific authentica-
tion protocols, such as EAP, MS-CHAP v2, or MS-CHAP. You can also disable the
requirement for any form of authentication if desired.
Encryption:
You can enforce the level of encryption used for the remote session.
Advanced:
You can specify additional parameters, including the dial-up modem
type, the network protocol, specific VPN parameters, and others.
