figuring your network policy environment
requires also configuring connection request policies to manage our bar.
So let's go ahead and go through the process of configuring connection request policy.
So here we are on our server.
Let's go ahead and get under our tools menu.
network policy server counsel because that's what we need to be
of what's really open up. Another policy server counsel.
Our management counsel's open up.
We're actually going to
scroll down because we've already done all of our basic configuration. We're gonna scroll down to
policies. So under policies, expand that out.
beautiful screen. What just expanded out sort of policies. Notice we have several. We have health policies,
network policies in connection request policies. So actually, start with the connection requests. Policies
go and click out that
and noticed there's a winner's virtual private connections there, and a used one is authentication for all users. So the default one, which is unspecified. Notice a processing orders 999,999 which means you can have
anything that you want in front of it. That's the
lowest number you can have in the process. Security is going to be whatever order you want to put to bed
that we went Jesse under our connection request policies here.
Go ahead. Right. Click on it and we're gonna do a new one.
So we have a new connection, Request posse.
First, you're gonna give it a policy name.
Doesn't matter what the policy name is. It should be related to what you're trying to do in this particular case. Would call it a date, A VPN
because that's what we're trying to do
and that we actually have to
type of network access server list. So what's their network access server? Is it unspecified, or
is it a specific type? Well, obviously we wanted the VPN, so we're gonna go find VPN under this
click out remote access VPN So quick on that
if it's vendor specific, we could check the box here and change it the information for vendor specific.
But since it's not gender specific, we're going to click out next year,
and we need a condition. So if we're gonna actually have a policy, we need some specifics about that policy. So in our
specified conditions window, we're going to click on add to specify
some conditions. And when we get our condition, who knows? To get a little group listing here we have, like location groups. Use your name
access client. I pee before accident i p v six service type
Free the tunnel type
daytime restrictions. There's several things on this list.
So you noticed you could configure what you need to for our environment
we're going to do in terms of our environment is we're going to set up a
so it's good scrawled on our list.
Get to our passport.
So down here are nasty port type. It says
Network taxes severed Passport type specifies the type of media used to access the client, such as analog phone lines, Eyes D and tunnels or VP, virtual private diaries of virtual private networks,
Tripoli, Attitude Island Wireless and Ethernet switches. So that's what we want. This works. We won't have a port type in there. It won't click on add,
and it's going to give us a port type list, which point at our four type list. We're gonna choose
port type we want, and we're working on a virtual private network, so VPN so we're gonna choose that one. There's actually, like, attitude out. One acts of we're actually working with those type of features, and we have others on the list also,
and you go ahead and click on okay,
and then obviously next, because we actually have our passport type. So we're gonna move on to the next setting.
His says specified connection request 40.
in terms of financial requests boarding, we're going to specify anything.
Well, we don't need to.
methodology. That's default. Here is authenticate request on this server
are never process server
d. C like we did in this case, you might actually afford request to a radius server
for the processing to occur, which means you would actually have to check the box. But since it's on one, you need to you. So we click on next.
It's a specify authentication, Beth.
So how are we gonna authenticate? Well, remember, VPN I can override
this on this one. We actually haven't
the network policy authentications. That is, if I wanted to.
And that could modify that. Or I could go with what? The defaults. I've already set up with for our VPs.
Who gets you going to go with the defaults?
But you notice if you actually choose over right here you have several We Kenichi Addie type eat type. So if you click on add, it gives you your choice. Or, like smart Carter certificate Emma's chap V to peep. We can have any of those were gonna gets off.
Yes, they have. Like,
and allow clients to collect from that Negotiating your African nation.
We definitely want authentication if we're doing a V p. M.
So we're gonna check that mask work with the default settings we've already set up.
We're gonna click on next,
and we get to our configure setting screen. If we needed to do anything specific specific here that we're dealing with a specialized vendor environment we could actually add to here so we could click on add
from our list of vendors notices all we could do something like Cisco but to give us
information. Francisco, we could choose
Nortel Networks. We could use whatever we want to.
We're actually gonna do that. We're gonna hate clothes here
actually move on. We could have to specify a wrong name if we needed to.
And we have a standard radius attributes that you could also. D'oh.
any one of those things that we needed to do, we could, but we don't actually need to do any of those.
So we're actually going to go ahead and click on
and you two are completing the connection Request policy reserved. It says
we're going to do a NASA port for VPN have used the authentication of writers go to be our local computer, which happens to be our domain controller. This environment,
click out, finished.
And now we're back to our list. We have to determine
if we want that to be our primary source of authentication. So here we go for our connection request policy due at the a d n a VPN to be there were to enlist or do you want to be number one on the list?
in this particular buyer, we want to be number one on the list. So if you right click on it,
we have move up, move down Disabled delete renamed duplicate policy like the properties of Policy. So if you click on that gives us the properties of policy, it's enabled, you know, said these conditions that we actually
put it in as you work across your tabs.
We could actually go back and also modify these. Laters.
let's go ahead and move that up.
Put at the top of our list
and they were done. We don't Actually, there is no real saving this. Remember, as we go through the process, everything has saved interactively were actually need to go back and hit the save button.
ability to use a VPN type connection or specific VPN connection.
Call it a datum dot com to connect to our environment with authentication against our 80 environment. And that's how we go through the process of
setting up a connection request policy. That's just one example. Obviously, we could use different types for different environments