Information Technology Reference
In-Depth Information
1.
Create a script that will run on the incoming client to validate its configuration.
2.
Create a notification component that will inform the remote access server whether the
script succeeded or failed. Alternatively, you can use the
rqc.exe
executable that comes
with the Windows Server 2003 Resource Kit.
3.
Create a
listener component
that will run on the remote access server. Once this listener
receives information from the notification component that the client has passed its
health checks, the listener will remove the client from quarantine and allow normal
access to the network.
4.
Distribute a Connection Manager profile (created with the Connection Manager
Administration Kit) that includes the script and the notification component to your clients.
By default, both the notification and listener components of NAQC use port 7250, which is
why you need to configure an input filter in the quarantine policy to allow this port. Otherwise,
the listener and notification components would not be able to let each other know the status of
the client and its health checks.
■
Note
NAQC will be greatly improved and streamlined in the next release of Windows Server, in which it
will be called
Network Access Protection
(
NAP
).
See Also
Microso t TechNe : “IAS Network Access Quarantine Control” (
http://www.microsoft.com/
technet/prodtechnol/windowsserver2003/library/ServerHelp/
dba3afac-f178-46bf-9a48-350bfe7ccad8.mspx
)
Microsoft TechNet: “Network Access Protection” (
http://www.microsoft.com/technet/
itsolutions/network/nap/default.mspx)
6-16. Configuring RADIUS Authentication and Accounting
Problem
You want to configure a remote access server to use RADIUS for its authentication and
accounting information.
Solution
Using a Graphical User Interface
1.
Open the Routing and Remote Access MMC snap-in.
2.
Right-click the server name for which you want to configure RADIUS authentication
and accounting and select Properties.
