Configuring the NAP Client in XP SP3

The Lazy Admin

Configuring the NAP Client in XP SP3

Sponsor

With the recent launch of Windows Server 2008 you are no doubt spending all your free time playing around with everything new.  One thing you might be playing around with is Network Access Protection.  There is a great document on getting a DHCP based NAP lab set up but one thing the document is missing is how to configure the NAP client in XP SP3.  In Windows Vista you simply start the service then enable the client through the NAP Client Configuration MMC (napclcfg.msc) but XP SP3 does not include the MMC.  So how does one configure the NAP Client without a Nap Client configuration tool?  Netsh, that is how!

To enable the NAP Client on XP SP3 you need to do the following:

1. Start --> Run --> Services.msc
2. Change the Network Access Protection Agent service to start automatically
3. Start the Network Access Protection Agent service
4. Start --> Run --> CMD.exe
5. Type netsh nap client set enforcement ID = ##### Admin = "Enable"
6. Start --> Run --> GPEdit.msc
7. Drill down to Computer Configuration | Administrative Templates | Windows Components | Security Center
8. Enable the Security Center
9. Start --> Run --> Services.msc
10. Start the Security Center service

You will need to replace the ##### with the ID based on whichever enforcement method you are using.  You can use the following IDs for the various enforcement methods:

• DHCP = 79617
• RAS = 79618
• IPSec = 79619
• TS Gateway = 79621
• EAP = 79623

For more labs and information see:

Step-by-Step Guide: Demonstrate IPsec NAP Enforcement in a Test Lab

Step-by-Step Guide: Demonstrate 802.1X NAP Enforcement in a Test Lab

Step-by-Step Guide: Demonstrate VPN NAP Enforcement in a Test Lab

Published Monday, February 11, 2008 9:52 AM by rodney.buike

Filed under: Security, Windows Server, Windows Client