tailieunhanh - Microsoft Press Windows Server 2008 Networking and Network Access Protection (NAP) phần 10
Trên các nhóm thành viên Cấu hình Máy Nhóm trang, nhóm người sử dụng khi cần thiết, và sau đó kích Next. 6. Trên Cấu hình Một trang Authentication Method, chọn một chứng chỉ máy tính được sử dụng bởi NPS cho xác thực PEAP, và sau đó chọn mật khẩu an toàn (PEAP-MS-CHAP v2), thẻ thông minh hoặc Giấy chứng nhận khác (EAP-TLS) (PEAP-TLS) | 730 Windows Server 2008 Networking and Network Access Protection NAP Figure 18-1 The Select Network Connection Method For Use With NAP page 5. On the Configure User Groups and Machine Groups page add user groups as needed and then click Next. 6. On the Configure An Authentication Method page select a computer certificate used by NPS for PEAP authentication and then select Secure Password PEAP-MS-CHAP v2 Smart Card Or Other Certificate EAP-TLS for PEAP-TLS or both as needed. Figure 18-2 shows an example. 7. Click Next. On the Specify A NAP Remediation Server Group And URL page click Next. Procedures later in this chapter will configure a remediation server group and troubleshooting URL. 8. On the Define NAP Health Policy page select the SHVs that you want to have evaluated for VPN enforcement select the Enable Auto-Remediation Of Client Computers check box as needed and then select Allow Full Network Access To NAP-Ineligible Client Computers even if you want non-NAP-capable clients to eventually have restricted access. Because you want the initial NAP deployment to be reporting mode rather than enforcement mode you must select Allow Full Network Access To NAP-Ineligible Client Computers. During the configuration for enforcement mode you can change the network policy for non-NAP-capable clients to limit their access. Figure 18-3 shows an example. Chapter 18 VPN Enforcement 731 Figure 18-2 The Configure An Authentication Method page Figure 18-3 The Define NAP Health Policy page 732 Windows Server 2008 Networking and Network Access Protection NAP 9. Click Next. On the Completing NAP Enforcement Policy And RADIUS Client Configuration page click Finish. The Configure NAP Wizard creates the following A health policy for compliant NAP clients based on the SHVs selected in the Configure NAP Wizard A health policy for noncompliant NAP clients based on the SHVs selected in the Configure NAP Wizard A connection request policy for NAP-based remote access VPN connections A .
đang nạp các trang xem trước