Install "RSA ACE/Server" on the employer network server and configure it to allow employee remote access to the network identifying a tunneling protocol to create the connection between the network and remote users, and specifying the number of remote connections allowed.
Configure SecureID authentication of remote users by accessing the Routing and Remote Access console in ISA Server Management and select a VPN authentication method from the list provided. Select the "Virtual Private Networks" node in ISA Server Mangement, go to the "Details" widow and select "VPN Clients." In the "Tasks" tab select "Configure VPN Client Access." When the "VPN Clients Properties" dialog box appears, click on the "General" tab, then "Enable VPN Client Access." Enter a number in the box entitled "Maximum umber of VPN Clients Allowed" to designate a maximum number of simultaneous connections. Go to the tab marked "Protocols" and chose a tunneling protocol for remote connection, then click on "Enable L@TP/IPSec."
Designate a means of IP address assignment by clicking on the "Tasks" tab, then selecting "Define Address Assignments." Chose to either assign IP addresses from a DHCP server, or from an address pool.
Enable the selections made above by clicking "Apply" in the ISA Server "Details" window.
Install RSA ACE/Agent server, using the employer network, on each network resource designated for remote access with SecureID. Enable the system policy rule "Allow VPN Clients to Firewall" to allow access to the internal network from the server. Click "Start," "All Programs," "Administrative Tools," "Routing and Remote Access." Right click on the ISA Server computer's designation or name and select "Properties." At the "Security" tab select "Authentication Methods" to bring up its dialog box. Enable "Extensible Authentication Protocol" and click "OK." Go to the "Routing and Remote Access" node and click on "Remote Access Policies." Go to "Details" and double click "ISA Server Default Policy." Click the tab marked "Settings" and select "Edit Profile." Select the "Authentication" tab and select "EAP Methods." Go to the "Select EAP Providers" dialog box and select "Add," click on "RSA SecurID," then close the boxes.
0 comments:
Post a Comment