Overview

Introduction

Welcome to the Configuring Advanced Authentication and Authorization Practice Lab. In this module you will be provided with the instructions and devices needed to develop your hands-on skills.

Learning Outcomes

In this module, you will complete the following exercises:

  • Install and Configure Network Policy Server
  • Install and Configure Remote Access Server
  • Configure the VPN Client
  • Viewing the NPS Logs

After completing this lab, you will be able to:

  • Add DNS IP Address on PLABSA01
  • Install Network Policy Server
  • Configure Network Policy Service
  • Configure Network Policy Server Logs
  • Prepare the VPN Interface
  • Install Remote Access Service
  • Initialize Remote Access Management
  • Configure Authentication and Accounting Providers
  • Configure the VPN Ports
  • Specify the VPN Adapter
  • Grant VPN Dial-in Permission
  • Configure a Secondary IP Address for VPN Client
  • Create VPN Client Dialer
  • Check the Status of a VPN Connection
  • Examine the NPS Logs
  • Install Tools to Read the NPS Logs
  • Read the NPS Logs
  • Export NPS Templates

Exam Objectives

The following exam objectives are covered in this lab:

  • CAS-003 4.3 Given a scenario, integrate and troubleshoot advanced authentication and authorization technologies to support enterprise security objectives.

Lab Duration

It will take approximately 1 hour to complete this lab.

Exercise 1 - Install and Configure Network Policy Server

Network administrators deploy remote access servers (RAS) that give mobile users the capability to dial-up and connect to corporate resources like folders, files, and applications. For scalability, network managers add more RAS servers and deploy a modem pool to accommodate more dial-in users. However, this infrastructure upgrade will require more resources to be spent on the hardware, long distance call charges and toll-free telephone service. A company may opt to outsource their remote access services to a third party to save on telephone charges, but there is a security risk of entrusting and managing your dial-up user accounts to an external organization like Internet Service Providers (ISPs).

Fortunately, the problem of managing user accounts and security can be addressed with the use of virtual private networks and Remote Authentication Dial-in User Service (RADIUS). Virtual private networks (VPNs) makes use of an existing Internet connection to connect to corporate network resources. Therefore, a user can be located anywhere in the world and be able to gain access to network resources by using the Internet and then connecting to the VPN server. While RADIUS provides a centralized infrastructure for the authentication of dial-in VPN users, authorization for access to network resources and also counts the number of minutes a dial-in user spends in a remote session.

In this exercise, you will install the Network Policy Server (NPS) which is Microsoft’s implementation of the RADIUS protocol. You will not configure dial-up remote access server but instead, install and set up a VPN server based on Microsoft’s Routing and Remote Access Services.

Learning Outcomes

After completing this exercise, you will be able to:

  • Add DNS IP Address on PLABSA01
  • Install Network Policy Server
  • Configure Network Policy Service
  • Configure Network Policy Server Logs

Exercise 2 - Install and Configure Remote Access Server

In this exercise, you will install and then set up Microsoft Routing and Remote Access Service which will provide the virtual private network (VPN) server.

Learning Outcomes

After completing this exercise, you will be able to:

  • Prepare the VPN Interface
  • Install Remote Access Service
  • Initialize Remote Access Management
  • Configure Authentication and Accounting Providers
  • Configure the VPN Ports
  • Specify the VPN Adapter
  • Grant VPN dial-in permission

Exercise 3 - Configure the VPN Client

After installing and configuring Routing and Remote Access on PLABDM02, you will now prepare a Windows 8.1 client to dial-in to the VPN server.

Learning Outcomes

After completing this exercise, you will be able to:

  • Configure a secondary IP address for VPN client
  • Create VPN Client dialer
  • Check the Status of a VPN Connection

Exercise 4 - Viewing the NPS Logs

When Windows 8.1 connects to a VPN server, be it a success or a failed login, you can view the details of the VPN connection by reading the NPS logs using a third-party log reader.

Learning Outcomes

After completing this exercise, you will be able to:

  • Examine the NPS Logs
  • Install Tools to Read the NPS Logs
  • Read the NPS Logs
  • Export NPS Templates

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.