Checklist: Configure NPS for Dial-Up and VPN Access
Applies To: Windows Server 2008
Checklist: Configuring NPS for dial-up and VPN access
This checklist provides the steps required to deploy dial-up and VPN servers with Network Policy Server (NPS).
| Task | Reference |
|---|---|
Install and configure dial-up and VPN servers. |
RADIUS Server for Dial-Up or VPN Connections and your hardware documentation |
Determine the authentication method that you want to use. |
RADIUS Server for Dial-Up or VPN Connections; Certificate Requirements for PEAP and EAP; and your hardware documentation |
Autoenroll a server certificate to NPS servers or, if you are using PEAP-MS-CHAP v2 only, purchase a server certificate. |
Deploy a CA and NPS Server Certificate and Obtaining and Installing a VeriSign WLAN Server Certificate for PEAP-MS-CHAP v2 Wireless Authentication (https://go.microsoft.com/fwlink/?LinkId=33675) |
If you are using EAP-TLS or PEAP-TLS without smart cards, autoenroll user certificates, computer certificates, or both user and computer certificates, to domain member client computers. |
Deploy Client Computer Certificates and Deploy User Certificates |
Configure dial-up and VPN servers as RADIUS clients in NPS. |
|
Create a user group in Active Directory® Domain Services (AD DS) that contains the users who are allowed to access the network through the switches. |
|
In NPS, configure one or more network policies for dial-up and VPN servers. |
Add a Network Policy; Create Policies for Dial-Up or VPN with a Wizard; Network Policies |