Designing A Secure Remote Access Strategy For Client Computers

By Author: unknownmem
Total Articles: 128
Comment this article

The authentication type being used Windows XP Professional(http://www.mcsa-70-270.com)
for example: CHAP, EAP, MS-CHAP, or MS_CHAPv2.
The phone number of the network access server (NAS) or Routing and Remote Access server (must support passing the called ID).
The phone number from which the call was placed.
The day of the week and the time of day of the connection attempt. The day and time used are those of the authorizing server (the RRAS server).
The tunnel type created by the requesting client. Possible tunnel types include: Point-to-Point Tunneling Protocol (PPTP) and Layer Two Tunneling Protocol (L2TP). This attribute can be used to specify pro?file settings, such as authentication method or encryption strength.
The name of the group to which the user or computer account is attempting to connect.
Table 10-2 lists and describes the remote access policy conditions that can be config-ured in a remote access policy that is evaluated when RADIUS is chosen as the authen?tication provider (by I AS).

The authentication type being used—for example: CHAP, EAP, MS-CHAP, or MS_CHAPv2.
...
... The phone number of the network access server (NAS) or Routing and Remote Access serer (must support passing the called ID).
The phone number from which the call was placed.
The name of the RADIUS client requesting authentication. This is configured in the Friendly Name on the Setting
free Microsoft practice questions(http://www.examshots.com/vendor/Microsoft-1.html)
tab in properties of the RADIUS client in IAS. It is a character string (used by IAS).
The IP address of the RADIUS client or the RADIUS proxy. The vendor of the NAS requesting authentication.
The day of the week and the time of day of the connection attempt. The day and time used are those of the authorizing server (the RRAS or I AS server).
The type of framing of the incoming packets—for example: PPP, SLIP, Frame Relay, and x.25 (used by IAS server).
The name of the NAS. It is a character string (used by IAS).
If the connection settings in the user account and the policy profile all match,the connection is allowed. The user account dial-in property page and the
remote access policy profile constraints are evaluated.
f.If the connection settings in the user account and the policy profile do not all match, the connection is rejected.
3.If the connection attempt does not match all of a remote access policy's conditions, the next remote access policy is evaluated.
4.If no remote access policy matches the connection attempt, the connection attempt is rejected.
If the connection is allowed, it is constrained by the profile security+ certification(http://www.upcert.com)
setting in the remote access policy.