O'Reilly logo

Windows Server® 2008 Networking and Network Access Protection (NAP) by Microsoft Networking Team, Tony Northrup, Joseph Davies

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Ongoing Maintenance

The areas of maintenance for an IPsec enforcement deployment are the following:

  • Adding a NAP client

  • Adding a new SHA and SHV

  • Managing NAP CAs

  • Managing HRAs

Adding a NAP Client

To add a NAP client, do the following:

  1. Join the NAP client computer to the domain.

  2. Install the SHAs on the NAP client computer.

  3. Add the computer account of the NAP client to the secure network OU or security group.

For a Windows XP SP3–based NAP client, you must also set the HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent\Oakley\IKEFlags registry value to 0x1c.

For a new non–domain-joined NAP client, follow the steps in Configuring NAP Client Settings earlier in this chapter.

Adding a New SHA and SHV

To add a new SHA and SHV to your IPsec enforcement deployment, ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required