The Implementing a Network Policy Server module provides you with the instruction and server hardware to develop your hands-on skills in the defined topics. This module includes the following exercises:
- Installing a Network Policy Server
- Configuring a VPN Server and Client
- Viewing NPS Logs
Lab time: It will take approximately 1 hour to complete this lab.
The following exam objectives are covered in this lab:
- SY0-501 2.1 Install and configure network components, both hardware- and software-based, to support organizational security
- SY0-501 2.3 Given a scenario, troubleshoot common security issues
- SY0-501 2.6 Given a scenario, implement secure protocols
- SY0-501 3.2 Given a scenario, implement secure network architecture concepts
- SY0-501 4.2 Given a scenario, install and configure identity and access services
Exercise 1 - Install a Network Policy Server
In this exercise, you will install and configure the Remote Authentication Dial-in User Service (RADIUS), which is implemented within Windows Server 2016 as the Network Policy Server (NPS).
The NPS provides a centralized infrastructure for the following: authentication of dial-in VPN users; authorization for access to network resources; and for counting the number of minutes a dial-in user spends in a remote session.
Exercise 2 - Configure a VPN Server and Client
In this exercise, you will configure the VPN ports for dial-in access to VPN users using the NPS window.
Exercise 3 - View the NPS Logs
Network Policy Server logs provide information about user authentication requests, access-accept messages, access-reject messages, and accounting requests and responses during a VPN session between a server and clients.
In this exercise, you will view the network policy logs and interpret them using a third-party NPS log reader, since Windows Server 2016 does not include a native tool for reading the contents of a NPS log file.