Remote access vpn – HP ProLiant DL320 G4 Server User Manual

Page 25

Managing and maintaining the firewall 25

For example, if a Microsoft® Windows® domain exists on the internal network, configure the PDC
emulator to use the ProLiant DL320 Security Server as its time server. If a Microsoft® Windows® domain
does not exist, configure the individual clients to synchronize with the ProLiant DL320 Security Server time
server.

Create an access policy enabling both the ProLiant DL320 Security Server and the computers on the LAN
to contact Internet time servers.

1. In the scope pane of the ISA Server 2004 management console, expand the server name, right-click
the Firewall Policy node, and select New>Access Rule.

2. On the Welcome to the New Access Rule Wizard page, enter the name for the rule in the Access
rule name text box. In this example, enter Network Time requested by Local Host and Internal,
and click Next.

3. On the Rule Action page, select Allow, and click Next.

4. On the Protocols page in the This rule applies to list, select Selected protocols, and click Add.

5. In the Add Protocols text box, select the Infrastructure folder, double-click the NTP (UDP) entry,
and then click Close.

6. On the Protocols page, click Next.

7. On the Access Rule Sources page, click Add.

8. In the Add Network Entities dialog box, select Networks.

9. Double-click Local Host>Internal, and then click Close.

10. On the Access Rule Sources page, click Next.

11. On the Access Rule Destinations page, click Add.

12. Select the Networks folder, double-click the external entry, and then click Close.

13. On the Access Rule Destinations page, click Next.

14. On the User Sets page, click Next.

15. On the Completing the New Access Rule Wizard page, click Finish.

The ProLiant DL320 Security Server can now perform time synchronization with Internet-based time
servers. If the internal network clients are to synchronize with the ProLiant DL320 Security Server, create
an access rule allowing the internal network access to the local host network using the Network Time
Protocol. In addition, configure the clients to use the correct time server. In Microsoft® Windows® XP, the
time server configuration is performed in the Date and Time properties dialog box on the Internet Time
tab.
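A way to check from an internal client that the access rules pass NTP and that the Security Server is itself synchronized, as an added example that is not part of the HP manual. The host name is a placeholder and the sample replies are constructed, not captured traffic.

```python
import socket
import struct
import time

NTP_EPOCH_DELTA = 2208988800  # seconds from 1900-01-01 (NTP era) to 1970-01-01 (Unix)

def build_request():
    """48-byte SNTP client request: LI=0, VN=3, Mode=3 (client)."""
    return b"\x1b" + b"\x00" * 47

def parse_reply(data, now=None):
    """Decode a server reply and list reasons not to trust it as a time source."""
    if len(data) < 48:
        raise ValueError("NTP reply shorter than 48 bytes")
    leap, mode, stratum = data[0] >> 6, data[0] & 0x07, data[1]
    secs, frac = struct.unpack("!II", data[40:48])  # transmit timestamp
    server_time = secs - NTP_EPOCH_DELTA + frac / 2**32
    now = time.time() if now is None else now
    problems = []
    if mode != 4:
        problems.append("not a server-mode reply")
    if leap == 3:
        problems.append("server reports its clock is unsynchronized (LI=3)")
    if stratum == 0 or stratum > 15:
        problems.append("invalid or unsynchronized stratum %d" % stratum)
    # Offset ignores network delay, which is fine for a LAN sanity check.
    return {"stratum": stratum, "offset": server_time - now, "problems": problems}

def query(host, timeout=3.0):
    """Ask host for the time over UDP 123; socket.timeout means no reply arrived
    (rule missing, wrong source network, or time service not running)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_request(), (host, 123))
        data, _ = sock.recvfrom(512)
    return parse_reply(data)

def sample_reply(leap, stratum, unix_time):
    """Constructed reply bytes (not captured traffic) for offline testing."""
    header = struct.pack("!BB", (leap << 6) | (3 << 3) | 4, stratum)
    return header + b"\x00" * 38 + struct.pack("!II", unix_time + NTP_EPOCH_DELTA, 0)

if __name__ == "__main__":
    # Offline demonstration; from an internal client, call
    # query("securityserver.example") instead (placeholder host name).
    print(parse_reply(sample_reply(0, 2, 1000000002), now=1000000000.0))
    print(parse_reply(sample_reply(3, 0, 1000000002), now=1000000000.0))
```

A reply with an empty `problems` list and a small `offset` shows the rule is in effect and the server has a usable clock; a timeout points at the firewall policy or the time service.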

Remote access VPN

A remote access VPN allows computers located virtually anywhere in the world to connect to computers in
the internal network through the ProLiant DL320 Security Server using a VPN connection. The only
requirement is that the client computer has an Internet connection. The ProLiant DL320 Security Server can
be managed from home or any other location by creating a VPN connection to the server. In addition,
other computers can be accessed on the internal network protected by the ProLiant DL320 Security Server.
For comprehensive documentation on how to create and configure site-to-site VPN connections, see the
ProLiant DL320 Security Server Help file and the Microsoft® ISA Server 2004 website
(http://go.microsoft.com/fwlink/?LinkID=27332).
