Download presentation
Presentation is loading. Please wait.
Published byAlvin Lane Modified over 9 years ago
1
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 10: Remote Access
2
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 2 Objectives Describe the purpose and features of Windows Server 2003 remote access capabilities Enable and configure Routing and Remote Access Service as a dial-up server Enable and configure Routing and Remote Access Service as a VPN Configure a remote access server Allow remote clients access to network resources Create and configure remote access policies Troubleshoot remote access
3
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 3 Remote Access Overview Allows mobile users access to network resources on the internal network: including files, printers, databases, and e-mail Windows Server 2003 has the ability to be a remote access server
4
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 4 Dial-up Remote Access Oldest type of remote access Allows two computers to connect and transfer information using modems and a phone line V.90 standard allows uploads at 33.6 Kbps while v.92 allows uploads at 48 Kbps Main advantage is availability Main drawback is speed
5
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 5 VPN Remote Access Uses a public network to transmit private information Encryption is used Public network most commonly used is Internet VPN is limited to the speed of the network access method Advantage: high speed and reduced maintenance Drawback: security risk presented by allowing access to network resources from the Internet
6
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 6 Enabling and Configuring a Dial-up Server Windows Server 2003 uses Routing and Remote Access Service to act as a dial-up server A modem must be installed Windows Server 2003 attempts to find a modem through Plug and Play by default A modem can be manually configured
7
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 7 Enabling RRAS for Dial-up Connections Management of RRAS is done with the Routing and Remote Access snap-in A red arrow indicates that RRAS is not started Routing and Remote Access Wizard is used to enable and configure RRAS for the first time A green arrow indicates RRAS is started
8
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 8 Dial-up Protocols LAN protocols supported by RRAS for dial-up networking are: TCP/IP, IPX/SPX, and AppleTalk Remote access protocols supported by RRAS for dial-up networking are: PPP and SLIP The same protocols required by LAN clients are also required by dial-up clients Remote access protocols are only for dial-up and not VPN connections PPP has a number of advantages over SLIP including the ability to automatically configure IP information
9
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 9 Dial-up Protocols (continued)
10
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 10 Dial-up Protocols (continued) PPP has several options that can be enabled to enhance performance: Multilink Connections Dynamic Bandwidth LCP Extensions Software Compression
11
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 11 Dial-up Protocols (continued)
12
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 12 Enabling and Configuring a VPN Server Windows Server 2003 uses RRAS as a VPN server All connectivity accomplished through a regular network card Enabling VPN accomplished using Routing and Remote Access Server Setup Wizard Enabling packet filters should only be chosen if the server has multiple network cards with the filtered card connected to the Internet and the unfiltered cards connected to VPN traffic
13
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 13 Enabling and Configuring a VPN Server (continued)
14
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 14 VPN Protocols PPTP and L2TP are supported for VPN connections by Windows Server 2003 By default, 128 PPTP ports and 128 L2TP ports are provided Can increase the number of ports or you can disable a protocol by setting the number of ports to zero PPTP is the most popular, widely supported, and can function through NAT L2TP cannot provide a VPN connection alone
15
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 15 VPN Protocols (continued)
16
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 16 Configuring Remote Access Servers Default configuration is generally sufficient for day- to-day operations Can specify whether or not the server is a remote access server Can control authentication and logging Can specify whether or not the server is a router for IP, and if it allows IP-based remote access connections Can enable broadcast name resolution
17
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 17 Authentication Methods Windows Server 2003 can use a number of different authentication methods: No Authentication Password Authenticated Protocol Shiva Password Authentication Protocol Challenge Handshake Authentication Protocol Microsoft Challenge Handshake Authentication Protocol Microsoft Challenge Handshake Authentication Protocol version 2 Extensible Authentication Protocol
18
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 18 IP Address Management When dial-up and VPN clients connect to Windows Server 2003, they are assigned an IP address Options for DNS and WINS server are taken from the configuration of a specified interface on the remote access server Windows 2000 and newer clients can send a DHCPINFORM packet after a remote access connection has been established
19
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 19 IP Address Management (continued)
20
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 20 IP Address Management (continued)
21
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 21 Allowing Client Access When remote access is first configured on Windows Server 2003, none of the users are granted remote access permission Remote access permission is controlled by their user object If RRAS does not participate in Active Directory, the user object is stored in the local user account database If RRAS belongs to an Active Directory domain, the user object is stored in the Active Directory database located on the domain controller
22
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 22 Allowing Client Access (continued)
23
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 23 Creating a VPN Client Connection VPN clients are usually configured on client operating systems such as Windows XP Windows Server 2003 can be configured as a VPN client VPN connections are created using the New Connection Wizard
24
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 24 Creating a VPN Client Connection (continued)
25
70-291: MCSE Guide to Managing a Microsoft Windows Server Network 25 Configuring a VPN Client Connection Most configuration is done with the New Connection Wizard You can: Configure the IP address of the VPN server to which you are connecting Configure whether or not an initial connection is created Configure dialing and redialing options Specify if password and data encryption are required Configure the network configuration for VPN connection Configure an Internet connection firewall and Internet connection sharing
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.