Your network consists of a single Active Directory domain. The network contains an ISA Server 2006 computer named ISA1. ISA1 is a member of the Active Directory domain. You configure ISA1 as a remote access VPN server that allows both PPTP and L2TP over IPSec remote access client connections. You want to control VPN access by using a remote access policy. You configure ISA1 to allow VPN access to members of the Domain Users global group.
However, VPN connections fail.
You examine the properties of several domain user accounts, and you discover that the Control access through Remote Access Policy option is not available. You need to enable remote access permission by using a remote access policy. What should you do?

A.
Configure a RADIUS-based remote access policy.

B.
Configure the ISA Server remote access policy.

C.
Elevate the domain functional level.

D.
Enable user mapping for VPN client connections.