The following topics describe how to configure Forefront TMG to work with Network Access Protection (NAP) enforcement.
|Before configuring NAP enforcement, it is assumed that you have configured your virtual private network (VPN) and verified that the VPN connection is working properly.|
- Setting EAP as the
authentication method for VPN clients—Describes how to
configure Forefront TMG to use Extensible Authentication Protocol
(EAP) for authenticating virtual private network (VPN) clients.
- Configuring Forefront
TMG as a RADIUS client—Describes how to set RADIUS as the
network access protocol and the Network Policy Server (NPS) as the
primary RADIUS server.
- Enabling NAP-based
quarantine control—Describes how to configure Forefront TMG to
quarantine VPN clients according to RADIUS server policies.
- Enabling quarantine for
clients that are not NAP-capable—Describes how to configure
Forefront TMG as a Remote Access Quarantine Agent (RQS) listener in
order to support legacy clients.