Best Practices Analyzer for Remote Access: Configuration (Section 3)
Applies To: Windows Server 2012 R2
The topics in this section can help you bring Remote Access running on Windows Server 2012 R2 into compliance with configuration best practices. Content in this section is most valuable when you have completed a Best Practices Analyzer scan of Remote Access and you want information about how to interpret and resolve scan results that identify areas of Remote Access that are noncompliant with configuration best practices.
Best Practices Analyzer and configuration rules
The Best Practices Analyzer applies configuration rules to identify settings that might require modification for Remote Access to perform optimally. Configuration rules can help prevent setting conflicts that can result in error messages or prevent Remote Access from carrying out its prescribed duties in an enterprise.
Topics in this section
This section includes the following topics.
RRAS: IdleHoldTimer should not be set to a high value (> 10 sec)
RRAS: Max Prefix policy should be configured for all BGP Peers
RRAS: The total number of prefixes learned is in proximity of the Maximum Allowed Prefixes
RRAS: A triggering route must be configured on the Site-to-Site VPN interface for the BGP peers
RRAS: The Site-to-Site VPN triggering route should be a specific address
RRAS: The Site-to-Site VPN interface's traffic filters should not be blocking BGP traffic
RRAS: The Site-to-Site VPN interface's traffic filters should not be blocking VSID interface traffic
RRAS: The Site-to-Site VPN interface's traffic filters should not be blocking VPN client traffic
RRAS: The VPN static address pool should be configured as custom networks on the BGP router