• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Remote access policy

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> VPN >> Remote access policy Page: [1]
Login
Message << Older Topic   Newer Topic >>
Remote access policy - 10.Jul.2006 9:06:32 PM   
nofear

 

Posts: 95
Joined: 28.Nov.2005
Status: offline
hi

i read TOM SHINDER's book and i have a question on the below lines i ook from the book :

-----------------------------------------------------------------------------------------
The VPN Remote Access Policy you created earlier includes all the parameters required for a secure VPN connection. Your decision now centers on how you want to control Remote Access Permissions:


Enable Remote Access on a per group basis: this requires that you run in Windows 2000 Native or Windows Server 2003 functional level.

Enable Remote Access on a per user basis: supported by Windows 2000 Native, Windows 2000 Mixed and Windows Server 2003 functional levels.

Enable Remote Access on both a per user and per group basis: this requires Windows 2000 Native or Windows Server 2003 functional level; granular user-based access control overriding group-based access control is done on a per user basis.

----------------------------------------------------------------------------------------------------

now my question is :
as i learned and know ,when a dial in client request come to the NAS or RRAS >> the RAP policies are checked for a match ,the first RAP is checked for a condition match (could be group membership) , if there is a match then the Dial-in user properites is checked ,if (Allow access) is choosen ,the RAP Profile is checked. If (Allow control through RRAS is choosen) then the Setting (allow access,or deny access) in the RAP is checked .if allow access is choosen>>then the RAP profile is checked.


now my question is : if a user has in his  user account  dail in properties >>Allow access , what this means ? he will be connected to the RRAS and bypass all conditions and profile settings in the RRAS POLICY??
Post #: 1

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> VPN >> Remote access policy Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts