Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Week #5 Routing and NAT Network Overview Configuring Routing Configuring Network Address Translation Troubleshooting Routing and Remote Access.

Published byLiliana Reeves Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Week #5 Routing and NAT Network Overview Configuring Routing Configuring Network Address Translation Troubleshooting Routing and Remote Access."— Presentation transcript:

1 1 Week #5 Routing and NAT Network Overview Configuring Routing Configuring Network Address Translation Troubleshooting Routing and Remote Access

2 2 Components of a Network Access Services Infrastructure Intranet Remediation Servers Internet NAP Health Policy Server DHCP Server Health Registration Authority IEEE 802.1X Devices Active Directory VPN Server Restricted Network NAP Client with limited access Perimeter Network

3 3 Network Policy and Access Services ComponentDescription Network Policy Server The Microsoft implementation of RADIUS Server and proxy Routing and Remote Access Provides VPN and dial-up solutions for users, deploys full-featured software routers, and shares Internet connections across the intranet Can be used to provide NAT Services Can provide LAN or WAN routing services to connect network segments. Health Registration Authority Issues health certificates to clients when using IPsec NAP enforcement Host Credential Authorization Protocol Integrates with Cisco network access control server This week

4 4 Authentication: Network Authentication and Authorization Verifies the credentials of a connection attempt Uses an authentication protocol to send the credentials from the remote access client to the remote access server in either plain text or encrypted form Authorization: Verifies that the connection attempt is allowed Occurs after successful authentication

5 5 Types of Authentication Methods ProtocolDescriptionSecurity Level PAPUses plaintext passwords.The least secure CHAP A challenge-response authentication protocol that uses the industry-standard MD5 hashing scheme to encrypt the response. Does not protect against remote server impersonation. MS- CHAPv2 Two-way authentication, also known as mutual authentication. The remote access client receives verification that the remote access server that it is dialing in to has access to the user’s password. Provides stronger security than CHAP. EAP Allows for arbitrary authentication of a remote access connection through the use of authentication schemes, known as EAP types, e.g. Certificates, smart cards, etc. Offers the strongest security by providing the most flexibility in authentication variations.

6 6 Integrating DHCP Servers with the Routing and Remote Access Service You can provide remote clients with IP configurations by using either: A static pool created on the Routing and Remote Access server for use with remote clients The corporate DHCP server located on the corporate LAN DHCP servers running Windows Server 2008: Provide a predefined user class called the Default Routing and Remote Access Class Are useful for assigning options that are provided to Routing and Remote Access clients only

7 7 What Is a VPN Connection? Large Branch Office Medium Branch Office Small Branch Office Home Office with VPN Client Remote User with VPN Client Corporate Headquarters VPN VPN Server

8 8 Network Address Translation Allows you to shield internal IP address ranges from public networks by allowing internal clients to access the Internet through a shared IP address 8

9 9 NAT Components Translation  IP router  Static and dynamic address mapping  Proper translation of header fields  NAT editors Addressing  Public: Static IP bought from ISP or InterNIC  Private: Class A – 10.0.0.0 through 10.255.255.255 Class B – 172.16.0.0 through 172.31.255.255 Class C – 192.168.0.0 through 192.168.255.255 Name resolution

10 10 NAT Processing of Outbound Internet Traffic

11 11 NAT Processing of Inbound Internet Traffic

12 12 Using IPSec

13 13 TCP/IP Troubleshooting Tools CommandDescription Ipconfig Displays current TCP/IP network configuration values, updates, or releases; DHCP allocated leases; and used to display, register, or flush DNS names Ping Sends ICMP Echo Request messages to verify that TCP/IP is configured correctly and that a TCP/IP host is available Pathping Displays a path of a TCP/IP host and packet losses at each router along the way TracertDisplays the path of a TCP/IP host

14 14 Logging There are three types of logging for Network Policy Server: Event logging for auditing and troubleshooting connection attempts Logging authentication and accounting requests to a local file Logging authentication and accounting requests to a SQL server database You can configure remote access logging to: Log errors only Log errors and warnings Log all events Not log any events Log additional routing and remote access information

15 15 Configuring Remote Access Tracing You can configure remote access tracing by using: The Netsh command: Netsh ras diagnostics set rastracing * enabled (enables tracing on all components in RAS) The Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing Tracing consumes resources, so you should use it for troubleshooting only, and then disable it

16 16 Common Troubleshooting Solutions Common problems regarding remote access include: Error 800: VPN unreachable Error 721: Remote computer not responding Error 741/742: Encryption mismatch Unable to establish VPN connection L2TP/IPsec issues EAP-TLS issues

Download ppt "1 Week #5 Routing and NAT Network Overview Configuring Routing Configuring Network Address Translation Troubleshooting Routing and Remote Access."

Similar presentations

Configuring and Troubleshooting Network Connections

Configuring and Troubleshooting Network Connections
5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.

5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.
1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.
1.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 1: Introducing Windows Server.

1.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 1: Introducing Windows Server.
4.1 Configuring Network Access Components of a Network Access Services Infrastructure What is the Network Policy and Access Services Role? What is Routing.

4.1 Configuring Network Access Components of a Network Access Services Infrastructure What is the Network Policy and Access Services Role? What is Routing.
11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.

11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.
Module 10: Troubleshooting Network Access. Overview Troubleshooting Network Access Resources Troubleshooting LAN Authentication Troubleshooting Remote.

Module 10: Troubleshooting Network Access. Overview Troubleshooting Network Access Resources Troubleshooting LAN Authentication Troubleshooting Remote.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 4 Installing and Configuring the Dynamic Host Configuration Protocol.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 4 Installing and Configuring the Dynamic Host Configuration Protocol.
1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 11: Planning Network Access.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 11: Planning Network Access.
Module 10: Configuring Virtual Private Network Access for Remote Clients and Networks.

Module 10: Configuring Virtual Private Network Access for Remote Clients and Networks.
1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.

1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 13: Troubleshoot TCP/IP.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 13: Troubleshoot TCP/IP.
CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+

CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.
Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.

Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.
Chapter 8 Administering TCP/IP.

Chapter 8 Administering TCP/IP.
Hands-On Microsoft Windows Server 2003 Networking Chapter 7 Windows Internet Naming Service.

Hands-On Microsoft Windows Server 2003 Networking Chapter 7 Windows Internet Naming Service.
70-270, 70-290 MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Twelve Implementing Terminal.

70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Twelve Implementing Terminal.
Remote Networking Architectures

Remote Networking Architectures

Similar presentations

Ads by Google