NAP with VPN

Question
Hi,
What is the best practice for building a VPN service with NAP? Can I add both roles on the same Win 2008 server, or do I need 2 separate servers for NAP and VPN?
What are the advantages and disadvantages?
Thanks.
Aigars
Wednesday, April 13, 2011 2:24 PM
Answers
Hi deagegdbhghghgh,
Thanks for posting here.
There are some requirements you should notice in this scenario:
VPN enforcement
When you deploy NAP with VPN enforcement, the enforcement server is a server running the Routing and Remote Access service (RRAS). The VPN server can be deployed according to any standard VPN design, such as in a perimeter network. VPN NAP enforcement servers have the following connectivity requirements:
· To authenticate and authorize network connections, VPN enforcement points must have connectivity to one or more NAP health policy servers.
· If your VPN network design includes a perimeter network, the VPN NAP enforcement server is typically placed in this network with VPN client access and LAN access limited by devices such as firewalls.
· VPN enforcement points must be accessible to NAP client computers when they first request network access and after noncompliant computers have remediated their health state.
Meanwhile, performance and reliability are also important factors you should evaluate. Please take time to read the articles below first and decide on a suitable solution for your deployment:
Design a Server Placement Strategy
http://technet.microsoft.com/en-us/library/dd125362(WS.10).aspx
NAP Capacity Planning
http://technet.microsoft.com/en-us/library/dd125353(WS.10).aspx
Thanks.
Tiger Li
Marked as answer by Tiger Li (Microsoft employee), Wednesday, April 20, 2011 11:37 AM
Thursday, April 14, 2011 8:21 AM
All replies
No one has thought of such a thing?
A.
Thursday, April 14, 2011 6:07 AM