Week #5 Routing and NAT: Network Overview, Configuring Routing, Configuring Network Address Translation, Troubleshooting Routing and Remote Access

Presentation transcript:

1 Week #5 Routing and NAT
- Network Overview
- Configuring Routing
- Configuring Network Address Translation
- Troubleshooting Routing and Remote Access

2 Components of a Network Access Services Infrastructure
(Diagram labels: Intranet, Remediation Servers, Internet, NAP Health Policy Server, DHCP Server, Health Registration Authority, IEEE 802.1X Devices, Active Directory, VPN Server, Restricted Network, NAP Client with limited access, Perimeter Network)

3 Network Policy and Access Services
Components and their descriptions:
- Network Policy Server: The Microsoft implementation of RADIUS server and proxy
- Routing and Remote Access: Provides VPN and dial-up solutions for users, deploys full-featured software routers, and shares Internet connections across the intranet. Can be used to provide NAT services. Can provide LAN or WAN routing services to connect network segments.
- Health Registration Authority: Issues health certificates to clients when using IPsec NAP enforcement
- Host Credential Authorization Protocol: Integrates with Cisco network access control server
(Slide callout: This week)

4 Network Authentication and Authorization
Authentication:
- Verifies the credentials of a connection attempt
- Uses an authentication protocol to send the credentials from the remote access client to the remote access server in either plain text or encrypted form
Authorization:
- Verifies that the connection attempt is allowed
- Occurs after successful authentication

5 Types of Authentication Methods
PAP
  Description: Uses plaintext passwords.
  Security level: The least secure.
CHAP
  Description: A challenge-response authentication protocol that uses the industry-standard MD5 hashing scheme to encrypt the response.
  Security level: Does not protect against remote server impersonation.
MS-CHAPv2
  Description: Two-way authentication, also known as mutual authentication. The remote access client receives verification that the remote access server that it is dialing in to has access to the user’s password.
  Security level: Provides stronger security than CHAP.
EAP
  Description: Allows for arbitrary authentication of a remote access connection through the use of authentication schemes, known as EAP types, e.g. certificates, smart cards, etc.
  Security level: Offers the strongest security by providing the most flexibility in authentication variations.
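
The CHAP row above, worked through as a challenge-response exchange. This is an added example, not part of the original slides; it follows the RFC 1994 response formula, and the user name and shared secret are constructed values.

```python
import hashlib
import hmac
import os

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP response value (RFC 1994): MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Server:
    """Remote access server: issues challenges and checks responses."""
    def __init__(self, secrets):
        self.secrets = secrets      # user name -> shared secret (bytes)
        self.pending = {}           # identifier -> outstanding challenge
        self.next_id = 0

    def challenge(self):
        ident = self.next_id
        self.next_id = (self.next_id + 1) % 256    # identifier is one octet
        self.pending[ident] = os.urandom(16)       # fresh value per attempt
        return ident, self.pending[ident]

    def verify(self, user, ident, response):
        challenge = self.pending.pop(ident, None)  # each challenge is single-use
        secret = self.secrets.get(user)
        if challenge is None or secret is None:
            return False
        expected = chap_response(ident, secret, challenge)
        return hmac.compare_digest(expected, response)

def demo():
    """Run the exchange with constructed credentials and return the outcomes."""
    secret = b"constructed-secret"
    server = Server({"alice": secret})
    ident, chal = server.challenge()                    # server -> client
    resp = chap_response(ident, secret, chal)           # client -> server
    ok = server.verify("alice", ident, resp)
    ident2, _ = server.challenge()
    replay = server.verify("alice", ident2, resp)       # old response, new challenge
    ident3, chal3 = server.challenge()
    wrong = server.verify("alice", ident3, chap_response(ident3, b"guess", chal3))
    # Nothing in the exchange is computed by the server from the secret, so the
    # client gets no proof of who sent the challenge (the table's CHAP caveat).
    return {"valid_login": ok, "replay_accepted": replay, "wrong_secret_accepted": wrong}

if __name__ == "__main__":
    print(demo())
```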

6 Integrating DHCP Servers with the Routing and Remote Access Service
You can provide remote clients with IP configurations by using either:
- A static pool created on the Routing and Remote Access server for use with remote clients
- The corporate DHCP server located on the corporate LAN
DHCP servers running Windows Server 2008:
- Provide a predefined user class called the Default Routing and Remote Access Class
- Are useful for assigning options that are provided to Routing and Remote Access clients only

7 What Is a VPN Connection?
(Diagram labels: Large Branch Office, Medium Branch Office, Small Branch Office, Home Office with VPN Client, Remote User with VPN Client, Corporate Headquarters, VPN, VPN Server)

8 Network Address Translation
Allows you to shield internal IP address ranges from public networks by allowing internal clients to access the Internet through a shared IP address

9 NAT Components
Translation
- IP router
- Static and dynamic address mapping
- Proper translation of header fields
- NAT editors
Addressing
- Public: Static IP bought from ISP or InterNIC
- Private: Class A – through; Class B – through; Class C – through
Name resolution

10 NAT Processing of Outbound Internet Traffic

11 NAT Processing of Inbound Internet Traffic
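
The outbound and inbound processing named in the two slides above, modeled as a translation table with static and dynamic mappings. This is an added example, not part of the original slides; the class and method names are hypothetical and all addresses are constructed from documentation and private ranges.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    proto: str
    src: tuple    # (ip, port)
    dst: tuple    # (ip, port)

class Nat:
    """Port-translating NAT: many private hosts behind one shared public IP."""
    def __init__(self, public_ip, first_port=50000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}   # (proto, private ip, private port) -> public port
        self.in_map = {}    # (proto, public port) -> (private ip, private port)

    def add_static(self, proto, public_port, private_ip, private_port):
        """Static mapping: publish one internal service on a fixed public port."""
        self.in_map[(proto, public_port)] = (private_ip, private_port)
        self.out_map[(proto, private_ip, private_port)] = public_port

    def outbound(self, pkt):
        """Rewrite the source header fields; create a dynamic mapping if needed."""
        key = (pkt.proto, *pkt.src)
        if key not in self.out_map:
            while (pkt.proto, self.next_port) in self.in_map:
                self.next_port += 1              # skip ports already mapped
            self.out_map[key] = self.next_port
            self.in_map[(pkt.proto, self.next_port)] = pkt.src
            self.next_port += 1
        return Packet(pkt.proto, (self.public_ip, self.out_map[key]), pkt.dst)

    def inbound(self, pkt):
        """Rewrite the destination if a mapping exists; otherwise drop (None)."""
        if pkt.dst[0] != self.public_ip:
            return None
        target = self.in_map.get((pkt.proto, pkt.dst[1]))
        # This model matches on public port only; stricter NATs also check
        # that the packet comes from the remote endpoint the client contacted.
        return Packet(pkt.proto, pkt.src, target) if target else None

if __name__ == "__main__":
    nat = Nat("203.0.113.10")                    # constructed addresses
    out = nat.outbound(Packet("tcp", ("192.168.0.10", 1025), ("198.51.100.7", 80)))
    print(out)
    print(nat.inbound(Packet("tcp", out.dst, out.src)))
    print(nat.inbound(Packet("tcp", ("198.51.100.9", 4444), (nat.public_ip, 50001))))
```

Header checksum updates and NAT editors (payload rewriting for protocols that embed addresses) are not modeled here.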

12 Using IPSec

13 TCP/IP Troubleshooting Tools
Commands and their descriptions:
- Ipconfig: Displays current TCP/IP network configuration values; updates or releases DHCP-allocated leases; and displays, registers, or flushes DNS names
- Ping: Sends ICMP Echo Request messages to verify that TCP/IP is configured correctly and that a TCP/IP host is available
- Pathping: Displays the path to a TCP/IP host and the packet losses at each router along the way
- Tracert: Displays the path to a TCP/IP host

14 Logging
There are three types of logging for Network Policy Server:
- Event logging for auditing and troubleshooting connection attempts
- Logging authentication and accounting requests to a local file
- Logging authentication and accounting requests to a SQL Server database
You can configure remote access logging to:
- Log errors only
- Log errors and warnings
- Log all events
- Not log any events
- Log additional routing and remote access information

15 Configuring Remote Access Tracing
You can configure remote access tracing by using:
- The Netsh command: Netsh ras diagnostics set rastracing * enabled (enables tracing on all components in RAS)
- The Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing
Tracing consumes resources, so you should use it for troubleshooting only, and then disable it.

16 Common Troubleshooting Solutions
Common problems regarding remote access include:
- Error 800: VPN unreachable
- Error 721: Remote computer not responding
- Error 741/742: Encryption mismatch
- Unable to establish VPN connection
- L2TP/IPsec issues
- EAP-TLS issues