Time
1 hour 27 minutes
Difficulty
Intermediate
CEU/CPE
4

Video Description

Configure a Connection Request Policy This lesson covers configuring a connection request policy. Requests policies are an integral part of managing our environment. This lesson offers participants step by step instructions in configuring a connection request policy via the network policy server and using the connection request policies option. You can select the conditions and add the desired NAS port type. You can use different types for different environments.

Video Transcription

00:04
figuring your network policy environment
00:06
requires also configuring connection request policies to manage our bar.
00:12
So let's go ahead and go through the process of configuring connection request policy.
00:16
So here we are on our server.
00:18
Let's go ahead and get under our tools menu.
00:21
Get down to our
00:22
network policy server counsel because that's what we need to be
00:26
of what's really open up. Another policy server counsel.
00:29
Our management counsel's open up.
00:31
We're actually going to
00:32
scroll down because we've already done all of our basic configuration. We're gonna scroll down to
00:37
policies. So under policies, expand that out.
00:43
Hey,
00:44
beautiful screen. What just expanded out sort of policies. Notice we have several. We have health policies,
00:51
network policies in connection request policies. So actually, start with the connection requests. Policies
00:56
go and click out that
00:58
and noticed there's a winner's virtual private connections there, and a used one is authentication for all users. So the default one, which is unspecified. Notice a processing orders 999,999 which means you can have
01:11
anything that you want in front of it. That's the
01:14
lowest number you can have in the process. Security is going to be whatever order you want to put to bed
01:18
that we went Jesse under our connection request policies here.
01:22
Go ahead. Right. Click on it and we're gonna do a new one.
01:23
So we have a new connection, Request posse.
01:26
First, you're gonna give it a policy name.
01:27
Doesn't matter what the policy name is. It should be related to what you're trying to do in this particular case. Would call it a date, A VPN
01:34
because that's what we're trying to do
01:37
and that we actually have to
01:38
type of network access server list. So what's their network access server? Is it unspecified, or
01:46
is it a specific type? Well, obviously we wanted the VPN, so we're gonna go find VPN under this
01:52
click out remote access VPN So quick on that
01:56
if it's vendor specific, we could check the box here and change it the information for vendor specific.
02:01
But since it's not gender specific, we're going to click out next year,
02:07
and we need a condition. So if we're gonna actually have a policy, we need some specifics about that policy. So in our
02:13
specified conditions window, we're going to click on add to specify
02:16
some conditions. And when we get our condition, who knows? To get a little group listing here we have, like location groups. Use your name
02:23
access client. I pee before accident i p v six service type
02:28
Free the tunnel type
02:30
daytime restrictions. There's several things on this list.
02:34
So you noticed you could configure what you need to for our environment
02:38
we're going to do in terms of our environment is we're going to set up a
02:43
nah sport,
02:44
so it's good scrawled on our list.
02:46
Get to our passport.
02:47
So down here are nasty port type. It says
02:51
Network taxes severed Passport type specifies the type of media used to access the client, such as analog phone lines, Eyes D and tunnels or VP, virtual private diaries of virtual private networks,
03:00
Tripoli, Attitude Island Wireless and Ethernet switches. So that's what we want. This works. We won't have a port type in there. It won't click on add,
03:07
and it's going to give us a port type list, which point at our four type list. We're gonna choose
03:15
port type we want, and we're working on a virtual private network, so VPN so we're gonna choose that one. There's actually, like, attitude out. One acts of we're actually working with those type of features, and we have others on the list also,
03:27
and you go ahead and click on okay,
03:30
and then obviously next, because we actually have our passport type. So we're gonna move on to the next setting.
03:36
His says specified connection request 40.
03:39
So
03:40
in terms of financial requests boarding, we're going to specify anything.
03:45
Well, we don't need to.
03:46
It's actually
03:46
they
03:47
methodology. That's default. Here is authenticate request on this server
03:53
If we're not,
03:54
If we don't have
03:55
are never process server
03:58
on a
03:59
d. C like we did in this case, you might actually afford request to a radius server
04:03
for the processing to occur, which means you would actually have to check the box. But since it's on one, you need to you. So we click on next.
04:12
It's a specify authentication, Beth.
04:14
So how are we gonna authenticate? Well, remember, VPN I can override
04:18
this on this one. We actually haven't
04:20
override
04:21
the network policy authentications. That is, if I wanted to.
04:25
And that could modify that. Or I could go with what? The defaults. I've already set up with for our VPs.
04:30
Who gets you going to go with the defaults?
04:32
But you notice if you actually choose over right here you have several We Kenichi Addie type eat type. So if you click on add, it gives you your choice. Or, like smart Carter certificate Emma's chap V to peep. We can have any of those were gonna gets off.
04:47
Yes, they have. Like,
04:48
I'm just happy to
04:50
his chap. We have
04:53
chap
04:54
Paps, Paps
04:55
and allow clients to collect from that Negotiating your African nation.
04:59
We definitely want authentication if we're doing a V p. M.
05:01
So we're gonna check that mask work with the default settings we've already set up.
05:05
We're gonna click on next,
05:08
and we get to our configure setting screen. If we needed to do anything specific specific here that we're dealing with a specialized vendor environment we could actually add to here so we could click on add
05:19
and choose
05:21
from our list of vendors notices all we could do something like Cisco but to give us
05:27
information. Francisco, we could choose
05:30
Nortel Networks. We could use whatever we want to.
05:32
We're actually gonna do that. We're gonna hate clothes here
05:35
and we're gonna
05:36
actually move on. We could have to specify a wrong name if we needed to.
05:41
And we have a standard radius attributes that you could also. D'oh.
05:45
So,
05:46
any one of those things that we needed to do, we could, but we don't actually need to do any of those.
05:49
So we're actually going to go ahead and click on
05:53
next,
05:55
and you two are completing the connection Request policy reserved. It says
05:59
we're going to do a NASA port for VPN have used the authentication of writers go to be our local computer, which happens to be our domain controller. This environment,
06:06
it would click on
06:08
finish,
06:09
click out, finished.
06:11
And now we're back to our list. We have to determine
06:14
if we want that to be our primary source of authentication. So here we go for our connection request policy due at the a d n a VPN to be there were to enlist or do you want to be number one on the list?
06:27
Well, obviously,
06:28
in this particular buyer, we want to be number one on the list. So if you right click on it,
06:32
we have move up, move down Disabled delete renamed duplicate policy like the properties of Policy. So if you click on that gives us the properties of policy, it's enabled, you know, said these conditions that we actually
06:44
put it in as you work across your tabs.
06:46
We could actually go back and also modify these. Laters.
06:48
So
06:49
let's go ahead and move that up.
06:51
Put at the top of our list
06:54
and they were done. We don't Actually, there is no real saving this. Remember, as we go through the process, everything has saved interactively were actually need to go back and hit the save button.
07:04
We've just set up a
07:05
ability to use a VPN type connection or specific VPN connection.
07:12
Call it a datum dot com to connect to our environment with authentication against our 80 environment. And that's how we go through the process of
07:20
setting up a connection request policy. That's just one example. Obviously, we could use different types for different environments

Up Next

Manage a Network Infrastructure

Helping an organization determine how to build, design, and protect their network is a highly demanded skill. Gain a deep understanding of the requirements needed to securely manage a network infrastructure in less than an hour.

Instructed By

Instructor Profile Image
Michael Boberg
CEO of Broadline Enterprises, LLC
Instructor