RRAS Server Properties Page - Security Tab

Applies To: Windows 7, Windows Server 2008 R2

Dialog box element Description

Authentication provider

Lists the available authentication providers for remote access or demand-dial authentication.

  • Windows Authentication: The RRAS server uses either its local account database (if not a member of a domain) or an Active Directory domain account database to authenticate remote access or demand-dial connection credentials. The server logs connection authentication information in log files that are configured in the properties of the Remote Access Logging folder.

  • RADIUS Authentication: The RRAS server uses a Remote Authentication Dial-In User Service (RADIUS) server to authenticate remote access or demand-dial connection credentials.

Configure

Click to configure the selected authentication provider. In the RADIUS Authentication dialog box, use Add and Edit to display the Add RADIUS Server dialog box.

Authentication Methods

Click to configure the authentication methods for remote access and demand-dial connections by using the Authentication Methods dialog box.

Accounting provider

Lists the available accounting providers for remote access or demand-dial connections.

  • RADIUS Accounting: The server sends connection accounting information to a RADIUS server.

  • Windows Accounting: The server logs connection accounting information in log files that are configured in the properties of the Remote Access Logging folder.

Configure

Click to configure the selected accounting provider. In the RADIUS Accounting dialog box, use Add and Edit to display the Add RADIUS Server dialog box.

Allow custom IPsec policy for L2TP connection

Specifies whether a Layer Two Tunneling Protocol (L2TP) connection uses a custom Internet Protocol security (IPsec) policy. If you select this check box, you must specify a pre-shared key for use by all connections that use the custom IPsec policy.

Pre-shared Key

Specifies a pre-shared key for use with a custom IPsec policy. This pre-shared key must be configured on each client computer that will connect using this policy.

Use HTTP

Specifies that Secure Socket Tunneling Protocol (SSTP) uses the same certificate that the computer uses for HTTP. Selecting this option disables the certificate list.

Certificate

Specifies the certificate that SSTP uses to authenticate the server to virtual private network (VPN) clients. Click View to see details about the selected certificate.

Additional considerations

If Network Policy Server (NPS) is installed on this server, only Authentication Methods and Allow custom IPsec policy for L2TP connection will be displayed. You use NPS to configure authentication and accounting providers by creating or modifying authentication policies.

Additional references