Network Administrator Knowledgebase

Feb 28 2008   11:14PM GMT

What NAP is and how it works?

Michael Khanin Michael Khanin Profile: Michael Khanin

Yesterday was the first Windows 2008 event in Canada. The first event was in Toronto and had almost 3000 attendees. Twenty MVPs participated in Ask-The-Expert and I was one of them :). One of the commonly asked questions was question about “What NAP is and how it works?

So, I’d like to show what posted on about NAP:
With the recent launch of Windows Server 2008 you are no doubt spending all your free time playing around with everything new. One thing you might be playing around with is Network Access Protection. There is a great document on getting a DHCP based NAP lab set up but one thing the document is missing is how to configure the NAP client in XP SP3. In Windows Vista you simply start the service then enable the client through the NAP Client Configuration MMC (napclcfg.msc) but XP SP3 does not include the MMC. So how does one configure the NAP Client without a Nap Client configuration tool? Netsh, that is how!

To enable the NAP Client on XP SP3 you need to do the following:

  1. Start –> Run –> Services.msc
  2. Change the Network Access Protection Agent service to start automatically
  3. Start the Network Access Protection Agent service
  4. Start –> Run –> CMD.exe
  5. Type netsh nap client set enforcement ID = ##### Admin = “Enable”
  6. Start –> Run –> GPEdit.msc
  7. Drill down to Computer Configuration | Administrative Templates | Windows Components | Security Center
  8. Enable the Security Center
  9. Start –> Run –> Services.msc
  10. Start the Security Center service

You will need to replace the ##### with the ID based on whichever enforcement method you are using. You can use the following IDs for the various enforcement methods:

  • DHCP = 79617
  • RAS = 79618
  • IPSec = 79619
  • TS Gateway = 79621
  • EAP = 79623

For more labs and information see:

Step-by-Step Guide: Demonstrate IPsec NAP Enforcement in a Test Lab

Step-by-Step Guide: Demonstrate 802.1X NAP Enforcement in a Test Lab

Step-by-Step Guide: Demonstrate VPN NAP Enforcement in a Test Lab

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: