A remote access policy is a named rule that consists of the following
elements:
Conditions
Remote access permission
Profile
Conditions
Remote access policy conditions are one or more attributes that are compared
to the
settings of the connection attempt. If there are multiple conditions, then
all of the
conditions must match the settings of the connection attempt in order for it
to match the
policy.
RRAS policy provides a list of attributes which can be set like
- Authentication Type
- Called Station ID
- Calling Station ID
- Client Friendly Name
- Client IP Address
- Client Vendor
- Day and Time Restrictions
and so on
Remote access permission
If all conditions of a remote access policy are met, remote access
permission is either
granted or denied. You can use either the Grant remote access permission
option or the
Deny remote access permission option to set remote access permission for a
policy.
Remote access permission is also granted or denied for each user account.
The user remote
access permission overrides the policy remote access permission.
Profile
A remote access policy profile is a set of properties that are applied to a
connection
when it is authorized-either through the user account or policy permission
settings.
Eg-
A group can connect only between 5AM and 9AM. Is it a condition or a
profile ?
This example can be specified as a condition. You can make an attempt to
connect only between 5AM - 9AM. But if you have previously connected you can
use the connection until you have specified a profile with Dial-in
constraint "Allow access only on these days and at these times" set to a
specific range.
For more details on the RRAS policy you can look into the Help of IAS under
the "Configure remote access policies" section.
--
Thanks
Sharoon
(e-mail address removed)
This posting is provided "AS IS" with no warranties, and confers no rights.
