How to tell what RRAS policy is being applied??
JayrodEF
Member Posts: 111 ■□□□□□□□□□
Hey all, I'm wondering if there's a way to tell what RRAS policy a particular user is hitting when the log into the VPN in a Windows 2k3 RRAS setup. I've got several policies in effect, and it seems that some are affecting folks that doesn't seem like it should be so I was wondering if I can connect and then tell what policy I hit. Thanks.
Comments
-
undomiel Member Posts: 2,818Turn on logging for authentication requests and check in c:\windows\system32\logfiles and you'll see what user is logging in and is being allowed (or denied) by which policy.Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
-
JayrodEF Member Posts: 111 ■□□□□□□□□□From what I'm seeing it looks like that I need to have IAS installed and running on our VPN server in order to do such logging. Currently we don't have IAS installed. Is there a way to find out this information without installing IAS or is that the only way?
-
undomiel Member Posts: 2,818You don't need IAS. I don't have IAS installed on mine and it works just fine. Are you refering to the Format: IAS option? That's just the style of the log file.Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
-
JayrodEF Member Posts: 111 ■□□□□□□□□□Ok, I guess I must be looking in the wrong place for turning on logging for authentication then. Can you give me a step-by-step on how to enable such logging?
-
undomiel Member Posts: 2,818Open up the RRAS snap-in and click the plus next to your server. In the folder available under there is one labeled "Remote Access Logging" right underneath "Remote Access Policies." Select that one and you'll see an option for Local File in the details panel. Open that one up and you'll be able to enable logging requests, set where the log file is stored, how it is handled and so forth.
http://articles.techrepublic.com.com/5100-10878_11-5744704.html
That article has more details.
If you need more detailed logging than what is provided then you can look into this:
http://support.microsoft.com/kb/161426
It's a royal pain though. I used it once before and the amount of detail you garner (especially when you aren't exactly sure of what you are looking for) can be quite overwhelming.Jumping on the IT blogging band wagon -- http://www.jefferyland.com/