RAS policies

[Phil Loper]

Can someone tell me how to set up a policy or policies to do the following:

Allow all users dial-out
Allow the users in the dial-in group to dial-in
Allow users in the vpn group to connect with vpn

Thanks

 

[Priya Raghavan [MSFT]]

Policy for "Allow users in the vpn group to connect with vpn" ->
Create a new remote access policy
Select "Set up a Custom Policy"
Add these conditions:
Tunnel Type: with L2TP, PPTP as the selected protocols
Windows Group: select a particular group which has the vpn users
Grant remote access permission
Enter the profile requirements (if any)

For "Allow the users in the dial-in group to dial-in"
Create a new remote access policy
Select "Set up a Custom Policy"
Add these conditions:
NAS Port Type -> Add the port type by which the client connect. Eg:
Async (modem)
Windows Group: select a particular group which has the vpn users
Grant remote access permission

For "Allow all users dial-out"
RAS policies are created on the RAS Server. Is there a requirement to dial
out from the RAS Server also ?
Usually, you dial in to the RAS Servers.

 

[Phil Loper]

For "Allow all users dial-out"
RAS policies are created on the RAS Server. Is there a requirement to dial
out from the RAS Server also ?
Usually, you dial in to the RAS Servers.

Yes, I need for everyone to have dial-out access, but only select users to
have dial-in and/or VPN access. That is where the headache is, I can't
figure out how to differentiate between dial-in and dial-out.

Thanks