11.59 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,

Presentation transcript:

11.59 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS, and RRAS

Introducing Routing and Remote Access Service (RRAS) (Skill 5)
Routing and Remote Access Service (RRAS)
• Can be configured on a Windows Server 2003 computer to create a remote access service (RAS) server that can manage hundreds of concurrent dial-up connections or to receive Virtual Private Network (VPN) connections on the internal network
• Can also be configured to provide shared Internet access using Network Address Translation (NAT) or to create a secure connection between two servers on the Internet connecting two LANs

Introducing Routing and Remote Access Service (RRAS) (2) (Skill 5)
• Remote access service (RAS) server
  - A computer running Windows Server 2003 and RRAS
  - Configured specifically to function using a modem or modem pool
  - Users can dial in from a remote computer that is also configured with a modem
• A Virtual Private Network (VPN) server is a type of remote access server

Introducing Routing and Remote Access Service (RRAS) (3) (Skill 5)
Connection methods used by clients
• Dial-up
  - Establishes a non-permanent connection between a remote access server and remote access client using an analog phone line or ISDN
  - Remote access server answers the call, authenticates and authorizes the caller, and transfers data
• VPN
  - Establishes a secure point-to-point connection across private networks or a public network such as the Internet
  - Creates a logical link called a tunnel between a remote user and a private network

Introducing Routing and Remote Access Service (RRAS) (4) (Skill 5)
To establish a dial-up connection, Windows Server 2003 uses either PPP or SLIP WAN protocols
• Point-to-Point Protocol (PPP)
  - Allows remote clients to access network resources
  - Provides error-checking to detect possible problems prior to data transfer
• Serial Line Internet Protocol (SLIP)
  - An older remote communications protocol used by UNIX computers
  - Does not provide security
  - Transfers data without checking for errors

Introducing Routing and Remote Access Service (RRAS) (5) (Skill 5)
PPP supports many networking and authentication protocols
• Password Authentication Protocol (PAP)
  - The least secure authentication protocol
  - Uses plain text passwords for authentication
• Shiva Password Authentication Protocol (SPAP)
  - An authentication protocol used to connect to a Shiva server
  - More secure than PAP; less secure than CHAP or MS-CHAP
• Challenge Handshake Authentication Protocol (CHAP)
  - Sends a challenge message to the client; the client applies an algorithm to the message to calculate a hash value (a fixed-length number) and sends the value to the server
  - The server also calculates a value and compares it to the client’s
  - If the values match, a connection is established

Introducing Routing and Remote Access Service (RRAS) (6) (Skill 5)
• MS-CHAP
  - Microsoft’s version of CHAP
  - The challenge message is specifically designed for Windows operating systems and one-way encryption is used
• MS-CHAP v2
  - Authenticates both the client and the server
  - A different encryption key is used to transmit and receive data
• Extensible Authentication Protocol (EAP)
  - Used to customize your method of remote access authentication for PPP connections
  - Supports multiple authentication methods
• IEEE 802.1X
  - New in Windows Server 2003 is support for IEEE 802.1X
  - Allows wireless and Ethernet LAN connections
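
The CHAP exchange described above, as an added Python example that is not part of the original slides. It follows the RFC 1994 construction (MD5 over the identifier octet, the shared secret and the challenge), which the slides do not spell out; the secret value and the class and function names are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample secret known to both client and server (not from the slides).
SHARED_SECRET = b"example-dialup-secret"


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP with MD5: hash of identifier octet + secret + challenge.

    Only this 16-byte value crosses the link; with PAP the password itself would.
    """
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapServer:
    """Authenticator side: issues random challenges and checks responses."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.next_id = 0
        self.pending = {}  # identifier -> challenge that is still outstanding

    def new_challenge(self):
        identifier = self.next_id
        self.next_id = (self.next_id + 1) % 256  # identifier is a single octet
        challenge = os.urandom(16)               # unpredictable, new every time
        self.pending[identifier] = challenge
        return identifier, challenge

    def verify(self, identifier: int, response: bytes) -> bool:
        # Each challenge is accepted once; pop() removes it whatever the outcome.
        challenge = self.pending.pop(identifier, None)
        if challenge is None:
            return False
        expected = chap_response(identifier, self.secret, challenge)
        # The server "also calculates a value and compares it to the client's".
        return hmac.compare_digest(expected, response)


def run_exchange(client_secret: bytes) -> bool:
    """One full handshake: challenge out, response back, server decision."""
    server = ChapServer(SHARED_SECRET)
    identifier, challenge = server.new_challenge()
    response = chap_response(identifier, client_secret, challenge)
    return server.verify(identifier, response)


def replay_is_rejected() -> bool:
    """A response recorded from one handshake must not work a second time."""
    server = ChapServer(SHARED_SECRET)
    ident, challenge = server.new_challenge()
    captured = chap_response(ident, SHARED_SECRET, challenge)
    first = server.verify(ident, captured)    # legitimate use succeeds
    same_id = server.verify(ident, captured)  # challenge already consumed
    new_id, _ = server.new_challenge()
    fresh = server.verify(new_id, captured)   # different identifier and challenge
    return first and not same_id and not fresh


if __name__ == "__main__":
    print("correct secret accepted:", run_exchange(SHARED_SECRET))
    print("wrong secret accepted:  ", run_exchange(b"guess"))
    print("replay rejected:        ", replay_is_rejected())
```

The server has to hold the secret in a form it can hash with each new challenge, which is why CHAP on Windows requires reversibly stored passwords and why MS-CHAP v2 or EAP is preferred in the profile's Authentication tab.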

Figure: RAS (Skill 5)

Figure: Dial-up connections (Skill 5)

Figure: SLIP and PPP (Skill 5)

Introducing Routing and Remote Access Service (RRAS) (7) (Skill 5)
• Secure connections in VPNs are created using PPTP or L2TP
• Point-to-Point Tunneling Protocol (PPTP)
  - An extension of PPP
  - Installed by default during the installation of RRAS
• Layer 2 Tunneling Protocol (L2TP) with IPSec
  - Also an extension of PPP
  - Combines features from PPTP and Cisco’s Layer Two Forwarding (L2F) protocol
• Bandwidth Allocation Protocol (BAP)
  - Often referred to as Multilink PPP; used with PPP to augment the use of multilinked devices
  - Multilinked devices are several ISDN lines or modem links combined to obtain greater bandwidth
  - Bandwidth Allocation Control Protocol (BACP) is the control protocol for BAP

Figure: Tunneling (Skill 5)

Figure: Configuring BAP and BACP (Skill 5)

Understanding Types of Remote Access Connections (Skill 6)
Types of dial-up equipment used to establish a connection between a remote network and a remote access client
• POTS (Plain Old Telephone System)
• ISDN (Integrated Services Digital Network)
• DSL (Digital Subscriber Line)
• Cable modem lines
• Frame relay
• Leased telecommunication lines
• Modems (asynchronous and synchronous)

Configuring Remote Access Services (Skill 7)
• Routing and Remote Access Service (RRAS)
  - Installed automatically during the installation of Windows Server 2003
  - By default, RRAS is not enabled
• You enable and configure RRAS to set up
  - A remote access server
  - A VPN
  - Network Address Translation
  - A secure connection between two servers
  - A network router

Figure: The Add Server dialog box (Skill 7)

Figure: The Configuration screen in the RRAS Setup Wizard (Skill 7)

Figure: The Remote Access screen (Skill 7)

Figure: The Network Selection screen (Skill 7)
• If there is more than one network connection configured on the server, this screen will open so that you can select the correct network interface

Figure: The RADIUS Server Selection screen (Skill 7)
• RADIUS servers are used to provide centralized authentication

Figure: The Managing Multiple Remote Access Servers screen (Skill 7)

Figure: The Routing and Remote Access console (Skill 7)

Figure: The DHCP Relay Agent Properties dialog box (Skill 7)
• Enter the IP address for the DHCP server in the Server address text box and click Add

Configuring Remote Access Services (2) (Skill 7)
Use the RAS Properties dialog box to configure your RAS server
• General tab is used to specify whether your computer will be configured as a router, a remote access server, or both
• Security tab is used to choose one of two types of authentication providers to validate remote access clients
• IP tab is used to specify settings for the IP protocol such as the method for distributing IP addresses to remote clients
• PPP tab is used to configure PPP (Point-to-Point Protocol) to specify whether a remote client can establish multilink connections
• Logging tab is used to manage and monitor an RRAS server by selecting the types of events you want to record for accounting and security purposes

Figure: The General tab in the Properties dialog box (Skill 7)

Figure: The Security tab (Skill 7)
• Click to open the Authentication Methods dialog box to set the authentication protocols

Creating a Remote Access Policy (Skill 8)
Remote access policies
• Are used, along with user properties in some cases, to control what connection attempts will be rejected or accepted by an RRAS server
• You create them to determine which users can access the network and to prevent unauthorized access
• A remote access policy consists of a set of rules and conditions that must be met by a connection before a user can gain access

Creating a Remote Access Policy (2) (Skill 8)
Components of a remote access policy
• Conditions are the criteria a user must meet in order to be granted access
• Permissions are located on the Dial-in tab in the user account Properties dialog box
  - Allow access permission skips the remote access policy and applies the remote access profile
  - Deny access permission drops the caller
  - Control access through Remote Access Policy permission checks the permissions in the remote access policy; if they are set to Grant remote access permission, the profile is applied
• Remote access profile is a list of settings offered to the client

Creating a Remote Access Policy (3) (Skill 8)
Remote access profile settings
• Allowed dial-in days and times
• Connection limits
• Allowed dial-in media and phone numbers
• Authentication settings
• Encryption settings

Creating a Remote Access Policy (4) (Skill 8)
Use the Edit Dial-in Profile dialog box to configure a remote access profile
• Dial-in Constraints tab is used to specify the dial-in number and the type of media to be used for a connection
• IP tab is used to set the IP properties for a connection
• Multilink tab is used to configure the RRAS server to handle multilink calls and to specify the number of ports a single remote client can use at one time
• Authentication tab is used to set the authentication protocols (PAP, SPAP, CHAP, MS-CHAP, MS-CHAP v2, EAP)
• Encryption tab is used to specify the type of encryption for remote access clients (no encryption, basic, strong, or strongest)
• Advanced tab is used to configure connection attributes (RADIUS, frame types, AppleTalk zones, special filters, etc.)

Figure: The Select Attribute dialog box (Skill 8)
• Attributes that can be set as conditions for a remote access policy

Figure: The Dial-in tab in the Properties dialog box for a user (Skill 8)
• Only available in Windows 2000 native mode or Windows 2003 mode domains. When this option is set, the permissions configured in the remote access policy are checked. If they are set to Grant, the profile is applied. If they are set to Deny, the caller is disconnected.

Figure: The Dial-in Constraints tab on the Edit Dial-in Profile dialog box (Skill 8)

Figure: The Inbound Filters dialog box (Skill 8)
• Click to open the Add IP Filter dialog box

Figure: The Add IP Filter dialog box (Skill 8)
• You can create an IP packet filter to control the allowed upper-layer protocols and the remote IP addresses with which clients are allowed to communicate

Figure: The Multilink tab (Skill 8)
• Select to set Bandwidth Allocation Protocol (BAP) settings; you can dynamically drop a link if bandwidth usage by remote clients drops below a certain threshold

Figure: The Routing and Remote Access console (Skill 8)
• The default remote access policy denies remote access

Figure: The Policy Configuration Method screen (Skill 8)

Figure: Setting Day and Time Restrictions (Skill 8)

Figure: The Time of day constraints dialog box (Skill 8)
• Time during which the policy will permit users to connect to the remote access server

Figure: The Policy Conditions screen (Skill 8)
Figure: The Permissions screen (Skill 8)

Figure: The IP tab (Skill 8)
• Click to open the Inbound Filters dialog box to deny or permit particular IP packets to be processed by the network

Figure: The Encryption tab (Skill 8)
• Allows clients to connect using 40-bit encryption key MPPE or IPSec encryption
• Allows clients to connect using 56-bit encryption key MPPE or IPSec encryption
• Allows clients to connect using 128-bit encryption key MPPE or IPSec encryption
• Allows clients to connect without using data encryption

Creating a Remote Access Policy (5) (Skill 8)
• If you have multiple remote access policies, the RRAS server evaluates them in the order in which they are listed in the Routing and Remote Access console; you can change the order
• In RRAS, the properties of individual user accounts or the RRAS policy is used to set which users can access the RRAS server
• Your domain must be in Windows 2000 native mode or Windows Server 2003 mode to use RRAS policies
• The biggest advantage of RRAS policies is ease of administration
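
How the order of policies, the Dial-in tab permission and the profile combine into one accept or reject decision, as an added Python example that is not part of the original slides. It assumes the first policy whose conditions all match is the one applied; the policy names, group names and the Profile, Policy and Attempt classes are constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class Profile:
    # The two profile settings this model checks (Authentication tab, dial-in hours).
    allowed_auth: frozenset = frozenset({"MS-CHAP v2", "EAP"})
    allowed_hours: range = range(0, 24)  # 24-hour clock


@dataclass
class Policy:
    name: str
    conditions: dict  # attribute name -> value the connection must present
    grant: bool       # True = Grant, False = Deny remote access permission
    profile: Profile = field(default_factory=Profile)


@dataclass
class Attempt:
    user: str
    dial_in: str      # Dial-in tab: "allow", "deny" or "policy"
    attributes: dict
    auth: str
    hour: int


def evaluate(policies, attempt):
    """Return (accepted, reason) for one connection attempt."""
    if attempt.dial_in not in ("allow", "deny", "policy"):
        return False, "unknown dial-in setting"
    # 1. Policies are tried in listed order; the first full match is used.
    matched = next(
        (p for p in policies
         if all(attempt.attributes.get(k) == v for k, v in p.conditions.items())),
        None,
    )
    if matched is None:
        return False, "no policy matched"
    # 2. Permission: the user account setting is consulted before the policy's.
    if attempt.dial_in == "deny":
        return False, "user account: Deny access"
    if attempt.dial_in == "policy" and not matched.grant:
        return False, f"policy '{matched.name}': Deny"
    # "allow" skips the policy permission but the profile still applies.
    # 3. Profile constraints of the matched policy.
    if attempt.auth not in matched.profile.allowed_auth:
        return False, f"profile: {attempt.auth} not permitted"
    if attempt.hour not in matched.profile.allowed_hours:
        return False, "profile: outside allowed dial-in hours"
    return True, f"accepted by '{matched.name}'"


# Constructed sample policies: one for VPN users, one catch-all that denies.
VPN_POLICY = Policy(
    "VPN users",
    {"Windows-Groups": "VPN Users", "NAS-Port-Type": "Virtual (VPN)"},
    grant=True,
    profile=Profile(allowed_hours=range(7, 19)),
)
DEFAULT_DENY = Policy("Default (deny)", {}, grant=False)

VPN_ATTRS = {"Windows-Groups": "VPN Users", "NAS-Port-Type": "Virtual (VPN)"}
OTHER_ATTRS = {"Windows-Groups": "Contractors", "NAS-Port-Type": "Virtual (VPN)"}

if __name__ == "__main__":
    ordered = [VPN_POLICY, DEFAULT_DENY]
    cases = [
        (ordered, Attempt("alice", "policy", VPN_ATTRS, "MS-CHAP v2", 10)),
        (ordered[::-1], Attempt("alice", "policy", VPN_ATTRS, "MS-CHAP v2", 10)),
        (ordered, Attempt("bob", "allow", OTHER_ATTRS, "MS-CHAP v2", 23)),
        (ordered, Attempt("carol", "deny", VPN_ATTRS, "MS-CHAP v2", 10)),
        (ordered, Attempt("alice", "policy", VPN_ATTRS, "PAP", 10)),
    ]
    for policies, attempt in cases:
        print(attempt.user, attempt.dial_in, evaluate(policies, attempt))
```

The third case is the one to audit for: an account set to Allow access connects even though the only policy it matches is the deny policy, so per-account Allow settings should be reviewed alongside the policy list.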

Creating a Remote Access Policy (6) (Skill 8)
• In addition to setting remote access permissions on the Dial-in tab in the Properties dialog box for a user account, you can also set callback options
• Callback options define how a computer responds when a user dials in
• No callback
  - If you select this option, there will be no callback
  - Once the connection is established, the computer stays connected and allows access to resources
• Set by Caller (Routing and Remote Access Service only)
  - If you select this option, the server disconnects as soon as a user dials in and calls back on the number that the user indicates
  - Useful when users need to call in from different locations
• Always Callback to
  - If you select this option, the computer calls back a specified number
  - Enhances security as a user can establish a connection using only one number

Figure: Dial-in properties for a user account (Skill 8)
• Select to allow the user to dial in to the RRAS server
• Select to allow the remote client to connect on the first call-in attempt
• Select to set a callback number that must always be used

Creating a VPN Server (Skill 9)
Virtual private network (VPN)
• A method of using the public telecommunication infrastructure to securely connect two or more subnets
• Access is restricted to only certain clients who are authenticated by their user account, subnet, or IP address
• A VPN encapsulates, authorizes, and routes data by creating tunnels
• A tunnel is a secure, logical link that is established between a remote user and a private network
• The Routing and Remote Access service can be used to configure a computer to be a VPN server which can accept both remote access and demand-dial VPN connections from remote access clients

Figure: Creating a VPN (Skill 9)

Figure: Creating a VPN server (Skill 9)

Figure: Selecting the network interface that connects to the Internet (Skill 9)

Creating a VPN Server (2) (Skill 9)
• After configuring the properties for a VPN server, you can create remote access policies and a remote access profile just as you can for a RAS server
• By default, if configured to support VPN connections, Windows Server 2003 automatically creates 128 PPTP and 128 L2TP ports for incoming VPN connections
• You can change the number of ports if your VPN server needs to support more clients for either protocol
• To configure VPN clients, you must enter the FQDN or IP address for the VPN server in the New Connection Wizard

Figure: The Ports Properties dialog box (Skill 9)
• Click to open the Configure Device dialog box

Figure: The Configure Device dialog box (Skill 9)
• If your VPN server needs to support more than 128 VPN clients for this protocol, increase the number of ports

Introducing Internet Connection Sharing (ICS) (Skill 10)
• ICS is used to create an Internet connection access point with other computers on a home or small network
• The ICS-enabled computer has both a public IP address and a private IP address
• The clients sharing the connection request Internet access from the ICS-enabled computer, which accesses the Internet for them and passes the information to them
• To set up ICS, you need two network connections: one for the LAN and one for the Internet
• ICS is only suitable for small networks because only a limited range of private IP addresses can be used and it cannot be extended across subnets

Introducing Internet Connection Sharing (ICS) (2) (Skill 10)
• ICS automatically assigns unregistered non-routable private IP addresses to the client computers on the network in the Class C subnet range
• The address for the ICS computer will always be the Windows Server 2003 internal address with a subnet mask of
• Public IP addresses are assigned by a registrar and are unique on the Internet

© 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS, and RRAS Figure ICS (Skill 10)

© 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS, and RRAS Figure Disabling RRAS (Skill 10)

© 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS, and RRAS Figure Enabling ICS on the Advanced tab (Skill 10) Allows multiple users to connect through a single connection

Figure: The Advanced Settings dialog box (Skill 10)
Select services configured on the internal network that can be accessed from the Internet

Figure: The Service Settings dialog box (Skill 10)
Enter the IP address or FQDN of the server to which you are enabling access

Figure: Network Connections message box (Skill 10)
The address for the ICS computer will always be the Windows internal address; unregistered non-routable private IP addresses in the Class C subnet range will be assigned to the client computers on the network

Introducing Internet Connection Sharing (ICS) (3) (Skill 10)
• The ICS server assigns IP addresses and subnet masks to the other computers on the LAN just like a DHCP server
• The default gateway for the other computers on the LAN will be the IP address for the ICS-enabled network interface
• ICS is generally not suitable for a domain-based network where there is a WINS server, a DNS server, or any other computer with a static IP address
• If there is a DHCP server on the network, the DHCP service should be stopped because it may interfere with the DHCP allocator functionality included with ICS

Figure: ICS (Skill 10)

Figure: The Internet Options dialog box (Skill 10)

Introducing Network Address Translation (NAT) (Skill 11)
• Network Address Translation (NAT) also allows computers on a network to share a single Internet connection, but with greater flexibility
• The NAT service translates private IP addresses to public IP addresses and vice versa as they are forwarded from client computers to a server or from the server to client computers
• Using NAT, you can determine your own IP address range, making NAT extendable for a larger network that has multiple subnets over a routed network
• NAT includes a basic firewall to help protect clients from intrusions from the Internet
• You can also configure static packet filters to designate the kinds of traffic you will allow to both enter and leave the internal network

Figure: NAT (Skill 11)

Figure: Installing NAT (Skill 11)

Figure: The NAT Internet Connection screen (Skill 11)
In Windows Server 2003, NAT includes a basic firewall by default

Figure: The General tab on the NAT/Basic Firewall Properties dialog box (Skill 11)

Figure: The Address Assignment tab (Skill 11)
Select to automatically assign IP addresses to the client computers on the network using the DHCP allocator

Figure: The Name Resolution tab (Skill 11)
Select so that DNS queries will be forwarded to the DNS server configured for the router

Introducing Network Address Translation (NAT) (2) (Skill 11)
• If you have already enabled a RRAS server, you can add NAT functionality by installing and configuring the NAT protocol
• The NAT-configured RRAS server runs a DHCP allocator to assign IP addresses to clients
• The NAT clients are configured as DHCP clients so that the RRAS server can allocate IP addresses and subnet masks to them
• The IP address for the RRAS server is the default gateway for the NAT clients
• A NAT-configured RRAS server can be configured to function as a DNS proxy server for the clients

Figure: The New Routing Protocol dialog box (Skill 11)

Figure: The Network Address Translation Properties dialog box (Skill 11)
Use to create IP filters to control data traffic based on the IP address of the source or destination, the source or destination port number, and the type of data packet
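The NAT slides (Skill 11) describe address translation, the basic firewall, and static packet filters. The Python sketch below is an added example, not part of the original slides and not how RRAS is implemented: it is a simplified model of those three behaviours. The class name, method names, addresses and port numbers are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class NatRouter:
    """Simplified model of a NAT router with a basic firewall (hypothetical class)."""
    public_ip: str                               # constructed sample address
    private_net: str = "10.0.0.0/24"             # NAT lets you pick your own range
    next_port: int = 62000                       # first public port handed out (arbitrary)
    out_map: dict = field(default_factory=dict)  # (proto, priv_ip, priv_port) -> public port
    in_map: dict = field(default_factory=dict)   # (proto, public port) -> (priv_ip, priv_port)
    blocked: list = field(default_factory=list)  # static filters: (proto, dst_port)

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Translate a packet leaving the private network; None means dropped."""
        if ipaddress.ip_address(src_ip) not in ipaddress.ip_network(self.private_net):
            return None                          # source is not a NAT client
        if (proto, dst_port) in self.blocked:
            return None                          # static packet filter: not allowed out
        key = (proto, src_ip, src_port)
        if key not in self.out_map:              # first packet of a flow creates the mapping
            self.out_map[key] = self.next_port
            self.in_map[(proto, self.next_port)] = (src_ip, src_port)
            self.next_port += 1
        return (proto, self.public_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_port):
        """Translate a packet arriving on the public interface; None means dropped."""
        target = self.in_map.get((proto, dst_port))
        if target is None:
            return None                          # basic firewall: unsolicited traffic
        return (proto, src_ip, src_port, *target)

    def publish(self, proto, public_port, priv_ip, priv_port):
        """Static mapping that exposes one internal service to the Internet."""
        self.in_map[(proto, public_port)] = (priv_ip, priv_port)

if __name__ == "__main__":
    nat = NatRouter("203.0.113.10")              # constructed documentation address
    print(nat.outbound("tcp", "10.0.0.5", 1025, "198.51.100.7", 80))
    print(nat.inbound("tcp", "198.51.100.7", 80, 62000))    # reply to the client's flow
    print(nat.inbound("tcp", "198.51.100.9", 4444, 3389))   # unsolicited: dropped
```

Every entry created with publish() is a port reachable from the Internet, so such mappings are the ones to review when auditing the exposed surface.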