I'm setting up a Network Policy Server on Server 2008R2 for an SSL VPN on a fortigate firewall. I just installed the role, added the radius client and added a new network policy. There were two network policies already there by default. In order for users to authenticate, I have to disable these two default policies. I don't understand why I have to do this when the VPN Users policy is #1. It appears that the NPS checks all polices and is not just going down the list until one is matched (as it states in Microsofts documentation). Is this a bug? Ideally, I'd like to have those two default ones there to insure all other connection requests are blocked.
↧