Configure Client-Specific Remote Access Policies

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Different types of remote access clients need different settings in their remote access policies. The following sections describe design considerations for creating the different types of policies.

Configure Remote Access Policies for VPN Clients

For VPN clients, use the Tunnel-Type attribute to specify the type of tunnel that is created by the requesting client. Tunnel types include the Point-to-Point Tunneling Protocol (PPTP) and the Layer Two Tunneling Protocol (L2TP), which are used by remote access clients and demand-dial routers running Windows XP; Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; Windows Server 2003, Datacenter Edition; and Windows 2000. You can use this condition to specify profile settings, such as authentication methods or encryption strengths for a specific type of tunneling technology.

Configure Remote Access Policies for Wireless Access Clients

For wireless access clients, create a wireless remote access policy, and then add the condition NAS-Port-Type with the values Wireless-IEEE 802.11 and Wireless-Other.

For more information, see "Wireless access example" in Help and Support Center for Windows Server 2003.

Configure Remote Access Policies for Authenticating Switch Access Clients

For authenticating switch access clients, specify the use of the Ethernet port type for the NAS-Port-Type attribute. By using this port type, you create a separate remote access policy that contains connection parameters specifically designed for authenticating switch nodes.