Professional Documents
Culture Documents
Create a global security group named Desktop Admins in the Admins OU. (Members of the
group will be added later.)
Configure a restricted group policy in the WorkstationGPO object that adds the domain
Desktop Admins group to the local Administrators group on all the workstations.
You can browse for domain groups, but for local group names, you need to type the group
name into the Group field.
Lab Report
Time Spent: 03:22
Score: 2/2 (100%)
TASK SUMMARY
Required Actions
Create the Desktop Admins group
Configure the Restricted Group
EXPLANATION
Complete this lab.
In this lab, your task is to configure AppLocker in the WorkstationGPO on CorpDC as follows:
Lab Report
Time Spent: 04:44
Score: 3/3 (100%)
TASK SUMMARY
Required Actions
Create the Default RulesHide Details
Allow all files located in the Program Files folder
Allow all files located in the Windows folder
Configure a Publisher rule to allow for future updates from the same vendor
Allow the support group to run the Call Center software
EXPLANATION
Complete this lab as follows:
In this lab, your task is to configure the following Power Option policy settings in the
WorkstationGPO policy:
60
Hard disk: Turn off hard disk after 120 Minutes
Minutes
30
Display: Turn off display after 60 Minutes
Minutes
Lab Report
Time Spent: 04:03
Score: 4/4 (100%)
TASK SUMMARY
Required Actions
Set the policy Action to Update
Set the Balanced plan as the active plan
Set Turn off hard disk afterHide Details
On battery: 60 Minutes
Plugged in: 120 Minutes
Set Turn off display afterHide Details
On battery: 30 Minutes
Plugged in: 60 Minutes
EXPLANATION
Complete this lab as follows:
In this lab, your task is to create a shortcut for all computers in the SupportGPO using the preference
settings as follows:
Action: Update
Name: CallStart
Target Type: File System Object
Location: All Users Desktop
Target Path: \\CorpFiles\CallCenter\CallStart.exe
Lab Report
Time Spent: 09:49
Score: 1/1 (100%)
TASK SUMMARY
Required Actions
Create the CallStart policyHide Details
Action: Update
Name: CallStart
Target type: File System Object
Location: All Users Desktop
Target path: \\CorpFiles\CallCenter\CallStart.exe
EXPLANATION
Complete this lab as follows:
Since Jacob works in another building across campus, you don't have time to walk to his office.
In this lab, your task is to test Jacob's connection to the ISP using remote PowerShell commands.
In a live environment, you would call Jacob and tell him how to enable PowerShell
remoting.
Lab Report
Time Spent: 04:43
Score: 7/7 (100%)
TASK SUMMARY
Required Actions & Questions
Q1What is the IP address assigned to Sales1
Your answer:192.168.10.31
Correct answer:192.168.10.31
Q2What is the default router for Sales1
Your answer:192.168.10.5
Correct answer:192.168.10.5
Windows PowerShell remoting enabled on Sales1
Q3What is the default router for ITAdmin
Your answer:192.168.0.5
Correct answer:192.168.0.5
Initiate an interactive PowerShell session with the Sale1 computer from ITAmin
Run a remote tracert to the ISP
Q4Was tracert able to find the ISP
Your answer:192.168.10.5
Correct answer:192.168.10.5
EXPLANATION
Complete this lab as follows:
In this lab, your task is to use Azure Arc to generate a script that will add a single server to Azure Arc
using the following information:
Project details:
o Subscription: CorpNet Production
o Resource group: CorpUK
Server details:
o Region: (Europe) UK South
o Operating system: Windows
Connectivity method:
o Public endpoint
Download the script that was just created to onboard your Windows server.
Verify that the OnboardingScript has been downloaded to the Downloads folder.
Lab Report
Time Spent: 03:13
Score: 4/4 (100%)
TASK SUMMARY
Required Actions
Configure the project details for the new serverHide Details
Subscription = CorpNet Production
Resource group = CorpUK.
Configure the server details for the new serverHide Details
Region = (Europe) UK South.
Operating system = Windows
Configure the connectivity method
Download the Onboarding script
EXPLANATION
Complete this lab as follows:
In this lab, your task is to create an Azure virtual machine using the following information:
Lab Report
Time Spent: 03:36
Score: 4/4 (100%)
TASK SUMMARY
Required Actions
Configure the project details for the new VMHide Details
Subscription: CorpNet Production
Resource Group: CorpNetCloud
Configure the instance details for the new VMHide Details
Server Name: CorpCloud1
Location: (US) West US2
Size: Standard_D4s_v3 - 4 vcpu, 16 GiB memory ($327.04/month)
Configure the administrator account for the new VMHide Details
Username: CorpAdmin
Password: corpP@ssw0rd
Configure the disks for the new VM
EXPLANATION
Complete this lab as follows:
In this lab, your task is to assign an Azure policy using the following information:
Lab Report
Time Spent: 05:40
Score: 2/2 (100%)
TASK SUMMARY
Required Actions
Select the policy definition
Assign the log analytics workspace
EXPLANATION
Complete this lab as follows:
You have installed Windows Server on a new computer and named the new server CorpServer2.
During installation, you created a single volume for the operating system using 200 GB on the first
disk. You also have two additional unused disks installed in the server.
Extend the System (C:) volume to use the remaining space on Disk 0.
Create a new volume using Disk 1 and Disk 2 with the following settings:
o Use all the disk space on Disk 1 and 600 GB (614400 MB) on Disk 2.
o Use M as the drive letter.
o Use the NTFS file system.
o Use Data as the volume label.
Lab Report
Time Spent: 05:09
Score: 2/2 (100%)
TASK SUMMARY
Required Actions
Extend the C: volume
Create the Data volumeHide Details
Create a Spanned volume
Total volume size: 4600 GB (4 TB Disk 1 + 600 GB Disk 2)
Use 600 GB from Disk 2
Assign drive letter M
Use NTFS File System
Create the Data volume
EXPLANATION
Complete this lab as follows:
Lab Report
Time Spent: 06:11
Score: 4/4 (100%)
TASK SUMMARY
Required Actions
Create a storage pool named CorpiSCSI PoolHide Details
Create a new storage space pool named CorpiSCSI Pool
Use all available disks
Hard disk 1 used
Hard disk 2 used
Hard disk 3 used
Create the virtual diskHide Details
Virtual disk name = CorpiSCSI Virtual Disk
Storage Layout: Parity (single)
Provisioning type: Thin
Size: 10 TB
Create a volumeHide Details
Volume assigned to drive S:
File system: NTFS
Allocation unit size: Default
Volume name of Sales
Create a folder on S: named Clients
EXPLANATION
Complete this lab as follows:
In this lab, your task is to configure permissions for each departmental subfolder so that only users
within each department can change their department's files. To complete this task, assign the
permissions specified in the following table:
D:\Departments\
Accounting Resources Full Control
Accounting
Lab Report
Time Spent: 08:54
Score: 4/4 (100%)
TASK SUMMARY
Required Actions
Give the Accounting Resources group Full Control to D:\Departments\Accounting
Give the Research Resources group Full Control to D:\Departments\Research
Give the Sales Resources group Full Control to D:\Departments\Sales
Give the Support Resources group Full Control to D:\Departments\Support
EXPLANATION
While completing this lab, use the following information:
Domain Local
Folder Permissions
Group
Grant the group named Managers the Full Control permission to the H:\Personnel folder.
Remove all inherited permissions that are flowing to the H:\Personnel folder.
You know that you need to prevent permission inheritance if a permission appears grayed out when
you try to modify it.
Lab Report
Time Spent: 01:15
Score: 6/6 (100%)
TASK SUMMARY
Required Actions
Prevent inherited permissions on the H:\Personnel folder
Grant the Managers group Full Control to H:\Personnel
Remove CREATOR OWNER from the permission list
Remove Administrators from the permission list
Remove SYSTEM from the permission list
Remove Users from the permission list
EXPLANATION
Complete this lab as follows:
Lab Report
Time Spent: 01:39
Score: 4/4 (100%)
TASK SUMMARY
Required Actions
Enable quota management for D: drive
Set the default quota limit to a 500 MB limit with a 450 MB warning
Deny users disk space exceeding their quota limit
Enable logging an event when users exceeding their warning level
EXPLANATION
Complete this lab as follows:
Lab Report
Time Spent: 07:35
Score: 3/3 (100%)
TASK SUMMARY
Required Actions
Create a quota entry for the Guest account
Set the quota limit to 500 MB for the Guest account
Set the warning level to 1 KB for the Guest account
EXPLANATION
Complete this lab as follows:
In this lab, your task is to remove all quota limits for the Administrators account.
Lab Report
Time Spent: 01:06
Score: 1/1 (100%)
TASK SUMMARY
Required Actions
Select Do not limit disk usage in the quota entry for the Administrators account
EXPLANATION
Complete this lab as follows:
Members of the Research Resources group should have full control over the folder.
All other users should be able to view the contents of the folder.
Permissions should apply to network access through both the share and local access.
In this lab, your task is to implement a combined share and NTFS permission strategy as follows:
Share the H:\Components folder using the default share name of Components.
Configure share permissions by giving the Everyone group Full Control share permissions.
Configure NTFS permissions for the H:\Components folder by giving the Research
Resources group Full Control permissions.
Keep the remaining NTFS permissions. This allows administrators full control and allows all
other users to read the folder contents.
Lab Report
Time Spent: 04:27
Score: 3/3 (100%)
TASK SUMMARY
Required Actions
Share H:\Components as Components
Grant the group Everyone the Full Control share permissions
Grant the Research Resources group Full Control NTFS permissions to H:\Components
EXPLANATION
Complete this lab as follows:
Lab Report
Time Spent: 01:52
Score: 2/2 (100%)
TASK SUMMARY
Required Actions
Share D:\Users as Home Folders
Keep the default permissions
EXPLANATION
Complete this lab as follows:
Lab Report
Time Spent: 02:34
Score: 1/1 (100%)
TASK SUMMARY
Required Actions
Remove the share name Builds from the H:\Projects folder
EXPLANATION
Complete this lab as follows:
The Remove button is only available when there are at least two share names
for the folder or drive.
Make all files and programs that users open from the H:\Archives shared folder
automatically available offline.
Optimize performance by caching programs and files.
Lab Report
Time Spent: 02:42
Score: 2/2 (100%)
TASK SUMMARY
Required Actions
Enable automatic caching for the Archives shared folder.
Optimize for performance by allowing automatic caching of program files and data files.
EXPLANATION
Complete this lab as follows:
Lab Report
Time Spent: 01:16
Score: 1/1 (100%)
TASK SUMMARY
Required Actions
Disable caching for the Confidential shared folder
EXPLANATION
Disable offline caching for a folder as follows:
Network users report that they can only read data in the Shared folder. They should be able to
create, edit, and delete all folders and files. You want to enable these permissions using the least
administrative effort.
In this lab, your task is to fix the user access problem by granting the Everyone group the Change
share permission for the Shared folder.
Lab Report
Time Spent: 01:13
Score: 1/1 (100%)
TASK SUMMARY
Required Actions
Grant Everyone Change share permissions
EXPLANATION
Complete this lab as follows:
The CorpDC2 server will host a domain namespace and several replicated folders.
The server will replicate with other servers running DFS.
Accounting \\CorpFiles\Accounting
\\CorpFiles16\
Marketing
Marketing
Sales \\CorpFiles16\Sales
The File Server role service is automatically added to manage shared folders that are targets of DFS
folders.
Lab Report
Time Spent: 05:56
Score: 4/4 (100%)
TASK SUMMARY
Required Actions
Add the DFS Namespaces role service
Add the DFS Replication role service
Add the SharedFiles NamespaceHide Details
Name is \\CorpNet.local\SharedFiles
2008 mode domain-based
Create namespace folders and targetsHide Details
Accounting folder
Marketing folder
Sales folder
EXPLANATION
While completing this lab, use the following information:
Folder
Target
Name
Accounting \\CorpFiles\Accounting
Marketing \\CorpFiles16\Marketing
Sales \\CorpFiles16\Sales
In this lab, your task is to create an Azure File Sync service using the following information:
Lab Report
Time Spent: 04:58
Score: 4/4 (100%)
TASK SUMMARY
Required Actions
Subscription: CorpNet Production
Resource group: CorpNetCloud
Storage sync service name: CorpFileSyncService
Region: (US) West US2
EXPLANATION
Complete this lab as follows:
Lab Report
Time Spent: 07:53
Score: 2/2 (100%)
TASK SUMMARY
Required Actions
Create a Storage AccountHide Details
Subscription: CorpNet Production
Resource Group: CorpNetCloud
Storage account name: corpnetstorageaccount
Region: (US) West US2
Redundancy: Geo-redundant storage (GRS)
Create a file share: corpnetfileshare
EXPLANATION
Complete this lab as follows:
After you create a sync group, register the on-premise server, and create the server
endpoint, you will come back to this location and view the files that have synced to the
storage account from the on-premise server.
Lab Report
Time Spent: 01:29
Score: 3/3 (100%)
TASK SUMMARY
Required Actions
Sync Group Name: CorpNetFileSyncGroup
Subscription: CorpNet Production
Azure file share: corpnetfileshare
EXPLANATION
Complete this lab as follows:
Lab Report
Time Spent: 02:32
Score: 2/2 (100%)
TASK SUMMARY
Required Actions
Add CorpFiles as a Server Endpoint
Synchronize D:\
EXPLANATION
Complete this lab as follows:
In this lab, your task is to create two virtual machines named VM1 and VM2. Use the following
settings as specified for each machine:
VM1:
VM2:
Lab Report
Time Spent: 05:25
Score: 2/2 (100%)
TASK SUMMARY
Required Actions
Create virtual machine VM1Hide Details
Virtual machine name: VM1
Virtual machine location: D:\HYPERV
Generation 1
Startup memory: 1024 MB
Networking connection: External
Virtual hard disk name and location: D:\HYPER\Virtual Hard Disks\VM1.vhdx
Virtual hard disk size: 50 GB
Set to install operating system later
Create virtual machine VM2Hide Details
Virtual machine name: VM2
Virtual machine location: D:\HYPERV
Generation 2
Startup memory: 2048 MB
Networking connection: Internal
Virtual hard disk name: VM2.vhdx
Virtual hard disk location: D:\HYPERV\Virtual Hard Disks
Virtual hard disk size: 250 GB
Set to install operating system later
Minimum RAM: 512 MB
Maximum RAM: 4096 MB
EXPLANATION
Complete this lab as follows:
In this lab, use the Hyper-V Manager utility to create two virtual hard disks in the D:\HYPERV\Virtual
Hard Disks directory. Name these disks Test1 and Test2.
Name: Test1
Disk Format: VHD
Disk Type: Fixed size
File name: Test1.vhd
Location: D:\HYPERV\Virtual Hard Disks
Size: 500 GB
Name: Test2
Disk Format: VHDX
Disk Type: Dynamically expanding
File name: Test2.vhdx
Location: D:\HYPERV\Virtual Hard Disks
Size: 4 TB (4096 GB)
Lab Report
Time Spent: 03:04
Score: 2/2 (100%)
TASK SUMMARY
Required Actions
Create the Test1.vhd virtual diskHide Details
Create the virtual disk
Create the disk as a fixed size disk
Configure a size of 500 GB
Create the Test2.vhdx virtual diskHide Details
Create the virtual disk
Create the disk as a dynamically expanding disk
Configure a maximum size of 4 TB (4096 GB)
EXPLANATION
Complete this lab as follows:
The Disk Management utility can be used to create virtual disks. However, this lab is designed to
only use Hyper-V Manager to create the virtual disks
In this lab, you will not perform the final configuration steps of starting the machine and installing the
operation system.
Lab Report
Time Spent: 06:04
Score: 3/3 (100%)
TASK SUMMARY
Required Actions
Create the virtual hard diskHide Details
Create the ParentDisk.vhdx virtual hard disk
Create the disk as a Fixed disk
Configure a size of 50 GB
Create the virtual machineHide Details
Create the virtual machine called ServerParent
Save the virtual machine in D:\HYPERV\
Use Generation 1
Use 2048 MB of RAM
Network is not connected
Use the ParentDisk.vhdx virtual hard disk
Configure the virtual machine to use the Windows Server 2022 ISO file
EXPLANATION
Complete this lab as follows:
Create two new virtual machines using the following parameters (each virtual machine uses
a different name and virtual hard disk, but the same location, generation, size, and network):
o Name: Server1 and Server2
o Location: D:\HYPERV\
o Generation: Generation 2
o Size: 4096 MB
o Network: External
o Virtual hard disk: Server1.vhdx and Server2.vhdx (respectively)
Lab Report
Time Spent: 08:44
Score: 6/6 (100%)
TASK SUMMARY
Required Actions
Delete the ServerParent virtual machine
Set the ParentDisk.vhd file to Read Only
Create the Server1.vhdx diskHide Details
Create the virtual hard disk
Create a differencing disk
Use ParentDisk.vhdx as the parent disk
Create the Server2.vhdx diskHide Details
Create the virtual hard disk
Create a differencing disk
Use ParentDisk.vhdx as the parent disk
Create the Server1 virtual machineHide Details
Create the virtual machine
Use D:\HYPERV\ for the location
Generation 2
Use 4096 MB of RAM
Use the External network
Configure the virtual machine to use Server1.vhdx
Create the Server2 virtual machineHide Details
Create the virtual machine
Use D:\HYPERV\ for the location
Generation 2
Use 4096 MB of RAM
Use the External network
Configure the virtual machine to use Server2.vhdx
EXPLANATION
While completing this lab, use the following information:
1. Delete the ServerParent virtual machine while maintaining its virtual hard disk.
a. From Server Manager, select Tools > Hyper-V Manager.
b. Select CORPSERVER.
c. Right-click ServerParent and select Turn Off.
d. Confirm your decision by selecting Turn Off.
e. Right-click ServerParent and select Delete.
f. Confirm your decision by selecting Delete.
2. Make the virtual hard disk that was used in the ServerParent VM read-only.
a. From the taskbar, select File Explorer.
b. Browse to, and open, the D:\HYPERV\Virtual Hard Disks folder – the
location of the virtual hard disk.
c. Right-click ParentDisk.vhdx and select Properties.
d. At the bottom, select Read-only and then select OK.
e. Close File Explorer.
3. Create two differencing hard disks.
a. From Hyper-V Manager, right-click CORPSERVER and select New > Hard
Disk.
b. Select Next to begin the wizard.
c. Select Next to use the default VHDX disk format.
d. Select Differencing as the disk type, and then select Next.
e. Enter the name for the new hard disk file and then select Next.
f. For Location, select Browse to find the ParentDisk.vhdx parent disk.
g. Double-click ParentDisk.vhdx to use this disk and then select Next.
h. Review your configuration and then select Finish.
i. Repeat step 3 to create the second differencing hard disk.
4. Create two new virtual machines using the two new virtual hard disks just created.
a. From Hyper-V Manager, right-click CORPSERVER and select New > Virtual
Machine.
b. Select Next to begin the wizard.
c. In the Name field, use the name of the virtual machine, and then
select Next.
d. Select the Generation 2 for the virtual machine, and then select Next.
e. In Startup memory, use 4096, and then select Next.
f. Use the Connection drop-down list to select External, and then select Next.
g. Select Use an existing virtual hard disk.
h. Select Browse.
i. Double-click the new existing virtual hard disk just created (such as
Server1.vhdx) to use that disk.
j. Select Next and review your configuration.
k. Select Finish.
l. Repeat step 4 to create the second virtual machine.
With a private switch, virtual machines can communicate with each other, but cannot
communicate with the management operating system or access the physical network.
With an internal switch, virtual machines can communicate with one another and with the
management operating system, but cannot access the physical network.
Lab Report
Time Spent: 02:08
Score: 2/2 (100%)
TASK SUMMARY
Required Actions
Create the Switch 1 virtual switch Hide Details
Create the virtual switch
Use Private as the switch type
Create the Switch 2 virtual switch Hide Details
Create the virtual switch
Use Internal as the switch type
EXPLANATION
Complete this lab as follows:
1. Create Switch 1.
a. From Server Manager, select Tools > Hyper-V Manager.
b. Right-click CORPSERVER and select Virtual Switch Manager.
c. With New virtual network switch highlighted, select Private.
d. Select Create Virtual Switch.
e. In the Name field, use Switch 1 and select Apply.
2. Create Switch 2.
a. From the left pane, select New virtual network switch.
b. Select Internal.
c. Select Create Virtual Switch.
d. Use Switch 2 in the Name field.
e. Select OK.
Create a virtual hard disk named CorpDC.vhd in the D:\HYPERV\Virtual Hard Disks folder.
o Select the format that allows for maximum backwards compatibility.
o Configure the disk for best performance.
o Configure a disk size of 500 GB.
Create a virtual machine, using CorpDC as the name.
o Save the virtual machine in the D:\HYPERV folder.
o Use Generation 1.
o Use 2048 MB of startup memory for the virtual machine.
o Use dynamic memory.
o Configure the network adapter to remain disconnected for now.
o Use the existing CorpDC virtual hard disk file that you created.
o Do not install an operating system (the operating system will be installed from an
image later).
Create an internal virtual switch, using Test Network as the name.
Configure the virtual machine settings.
o Other network hosts should not be able to use this network.
o Add a legacy network adapter to the virtual machine.
o Configure the adapter to use the network you created.
o Configure the virtual machine to boot from the network.
Configure dynamic memory settings:
o Minimum RAM: 512 MB
o Maximum RAM: 4096 MB
o Memory buffer: 30%
Lab Report
Time Spent: 06:50
Score: 5/5 (100%)
TASK SUMMARY
Required Actions
Create the CorpDC.vhd virtual hard diskHide Details
Create the virtual hard disk
Make the disk a fixed size disk
Configure a size of 500 GB
Create the virtual machineHide Details
Create the CorpDC virtual machine
Use 2048 MB of memory
Use dynamic memory
Configure the virtual machine to use the CorpDC.vhd virtual hard disk
Create the virtual switch named Test NetworkHide Details
Create the virtual network
Use Internal as the network type
Configure the virtual machine network settingsHide Details
Create a legacy network adapter
Configure the legacy adapter to use the WDS Network
Configure the BIOS to boot using the legacy network adapter first
Configure the dynamic memory settingsHide Details
Set minimum memory to 512 MB
Set maximum memory to 4096 MB
Set the memory buffer to 30%
EXPLANATION
Complete this lab as follows:
Lab Report
Time Spent: 04:08
Score: 2/2 (100%)
TASK SUMMARY
Required Actions
Create the VHD fileHide Details
Location and filename: C:\MyVHD.vhd
Size: 100 GB
Dynamic
Create the VHD_Vol volumeHide Details
Use all of the space on the VHD (100 GB)
Drive letter: V
Volume label: VHD_Vol
EXPLANATION
Complete this lab as follows:
Download an RDP file that will allow you to connect to CorpCloud1 via RDP.
Run the downloaded RDP file to connect to CorpCloud1 via RDP.
Lab Report
Time Spent: 01:05
Score: 2/2 (100%)
TASK SUMMARY
Required Actions
Download an RDP file that will allow you to connect to CorpCloud1
Connect to CorpCloud1 via RDP
EXPLANATION
Complete this lab as follows:
You have installed Windows Server on the server named CorpRTR, which you plan to use to isolate
the test segment from the rest of the network. You'll use traditional routing or NAT.
In this lab, your task is to add the necessary role and role services to meet the stated requirements.
Do not add unnecessary role services.
Lab Report
Time Spent: 02:39
Score: 2/2 (100%)
TASK SUMMARY
Required Actions
Add the Remote Access role service
Add the Routing role service
EXPLANATION
Complete this lab as follows:
1. Select the Remote Access role to be installed.
a. From Server Manager, select Add roles and features.
b. Select Next to begin the Add Roles and Features wizard.
c. Select Next to use Role-based or feature-based installation type.
d. Select Next to use CorpRTR.CorpNet.local as the destination server.
e. Select Remote Access.
f. Select Add Features to add the features that are required for Remote
Access.
g. Select Next.
h. From the Select Features window, select Next.
2. Select the role services for Remote Access and for Web Server (IIS).
a. From the Remote Access window, select Next.
b. Select Routing, and then select Next.
c. From the Web Server Role (IIS) window, select Next.
d. From the Role Services windows, select Next to use the default IIS options.
e. Select Install.
f. Select Close.
Add the necessary server role and role service(s) to allow CorpNPS to be a RADIUS server.
This server will not respond to remote access client requests. Do not add any unnecessary
role services.
Identify the following servers in NPS as RADIUS clients:
Server/Friendly
IP address
name
CorpVPN1 192.168.0.20
BranchVPN1 192.168.20.20
Lab Report
Time Spent: 16:58
Score: 5/5 (100%)
TASK SUMMARY
Required Actions
Add the Network Policy Server role service to CorpNPS
Configure RADIUS Clients on NPS ServerHide Details
Configure CorpVPN1
Friendly name: CorpVPN1
Configure Address (IP or DNS): 192.168.0.20 or CorpVPN1
Shared secret: J51nj3T%
Vendor: RADIUS Standard
Configure BranchVPN1
Friendly name: BranchVPN1
Configure Address (IP or DNS): 192.168.20.20 or BranchVPN1
Shared secret: J51nj3T%
Vendor: RADIUS Standard
Configure the Sales Network PolicyHide Details
Policy name: Sales
Connection type: Remote Access Server (VPN-Dial up)
Grant access
Ignore Dial-up properties in the AD user account
Authentication method: Microsoft Smart Card or other certificate
Configure BranchVPN1 as a RADIUS clientHide Details
Configure RADIUS for Authentication
Authentication provider: RADIUS Authentication
RADIUS Server name: CorpNPS
Shared secret: J51nj3T%
Configure RADIUS for Accounting
Accounting provider: RADIUS
RADIUS Server name: CorpNPS
Shared secret: J51nj3T%
Configure CorpVPN1 as a RADIUS ClientHide Details
Configure RADIUS for Authentication
Authentication provider: RADIUS Authentication
RADIUS Server name: CorpNPS
Shared secret: J51nj3T%
Configure RADIUS for Accounting
Accounting provider: RADIUS
RADIUS Server name: CorpNPS
Shared secret: J51nj3T%
EXPLANATION
To complete this lab, use the following information:
Server/Friendly
IP address
name
CorpVPN1 192.168.0.20
BranchVPN1 192.168.20.20
Company security policy allows only ports 80 and 443 through the company firewall. The server has
already been configured with certificates to support SSTP. You will not configure network access
policies at this time.
Disable remote access for port types IKEv2, PPTP, and L2TP.