70270: MCSE Guide to Microsoft Windows XP Professional Chapter 8: Internetworking with Remote Access

1
70-270 MCSE Guide to Microsoft Windows XP
Professional Chapter 8 Internetworking with
Remote Access
2
Objectives

• Understand remote access under Windows XP
• Configure various remote access connection types
  for a Windows XP Professional system
• Install remote access hardware
• Understand remote access security
• Understand the Internet Options applet

3
Objectives

• Implement Internet Connection Sharing and the
  Internet Connection Firewall
• Understand the native Internet tools and
  utilities
• Troubleshoot remote access problems

4
Remote Access

• Components
• Clients
• Protocols
• WAN connectivity
• Security
• Server
• LAN protocols

5
Features Of Remote Access in Windows XP

• Standard component
• No manual service installation required

6
PPP Multilink

• Increase overall throughput
• Combine bandwidth of two or more physical
  communication links
• Based on Internet Engineering Task Force (IETF)
  standard RFC 1717

7
VPN Protocols

• Point-to-Point Tunneling Protocol (PPTP)
• Supports multiprotocol VPNs
• Encrypted and secure
• Layer Two Tunneling Protocol (L2TP)
• Developed by Cisco Systems
• Encapsulates PPP frames for transport over
  various networks
• Used in combination with IPSec

8
Restartable File Copy

• Automatically retransmits incomplete file
  transfers
• Faster transmission of large files over
  lower-quality connections
• Reduced cost from avoiding retransmission of the
  whole file
• Reduced frustration from interrupted transfers

9
Idle Disconnect

• Shuts off remote access connection after
  specified period of inactivity
• Reduces the costs of remote access
• Frees up inactive remote access ports

10
Autodial and Logon Dial

• Automatically connect and retrieve files and
  applications stored on remote system

11
Client and Server Enhancements

• Number of client and server components
• Allow third-party vendors to develop remote
  access and dial-up networking applications

12
Look and Feel

• Undergone changes since Windows 2000
• Significantly different from similar utilities in
  Windows NT and Windows 95/98
• Integrated with networking components
• Network Connections
• Multipurpose management interface
• Both standard LAN networking links and remote
  access links are established and configured

13
Callback Security

• Control access to the system from specified phone
  numbers
• Calls may originate only from known phone number
  locations
• Remote access client can set the phone number
  dynamically

14
WAN Connectivity

• Create WAN by connecting existing LANs
• Remote access over
• Telephone
• ISDN
• Cable modems
• Campus networks
• Other communication lines
• Cost-effective solution if you have minimal to
  moderate network traffic between sites

15
Internet Network Access Protocols

• Supports all standard protocols for remote
  Internet access
• Remote access protocol dependent on the client
  and server OS and LAN protocols

16
PPP

• Current standard for remote access
• Microsoft recommends using PPP
• Flexible
• Industry standard

17
PPTP

• Allows you to establish a secure remote access
  pipeline over the Internet
• Tunnel IPX or TCP/IP traffic inside PPP packets
• Significant features
• Low transmission costs
• Hardware costs
• Administrative overhead
• Improved security

18
PPP-MP

• Combines two or more physical remote access links
  into one logical bundle with greater bandwidth
• Can combine analog and digital links
• All connections to be aggregated must be of the
  same technology type

19
SLIP

• One of the first protocols developed specifically
  for TCP/IP support over dial-up connections
• Included in Windows XP for backward-compatibility
• Does not support Dynamic Host Configuration
  Protocol (DHCP)

20
IPSec

• Security measure added to TCP/IP
• Negotiates secure encrypted communications link
• Uses public and private encryption key management
• Can be used over RAS/WAN link
• Can be used within LAN

21
Telephony Features

• TAPI
• Remote access Telephony API
• Supplies uniform way of accessing
• Fax
• Data
• Voice
• Part of Windows Open System Architecture (WOSA)

22
Remote Access Configuration

• Integrated default component of Windows XP
• Configured and managed from Network Connections
  window

23
Network Connections Window
24
Installing Remote Access Hardware

• Hardware must be installed before remote
  connection established
• Windows XP inspects hardware and attempts to
  identify any new devices
• Windows XP attempts to locate and install drivers
  for new device

25
Phone and Modem Options

• Primary Control Panel applet for managing remote
  access devices and operations
• Used to control
• Dialing rules
• Configure remote access devices
• Configure telephony driver properties

26
Connecting to the Internet

• Connect to the Internet Wizard
• Choose from a list of Internet service providers
  (ISPs)
• Set up my connection manually
• Use the CD I got from an ISP

27
Connection Status Dialog Box
28
Internet Connection Sharing

• Used to share single network connection with
  small group of networked computers
• Enabled on Advanced tab of connection objects
  Properties dialog box
• Incorporates
• Network Address Translation (NAT) function
• Dynamic Host Configuration Protocol (DHCP)
  address allocator
• Domain Name System (DNS) proxy

29
Internet Connection Firewall

• Security measure for protecting network
  connections from unwanted traffic
• Can set restrictions on traffic in and out of
  network to an external network or the Internet
• Much-needed feature for systems that employ
  shared broadband connections
• Stateful firewall
• Blocks most incoming traffic by default

30
Connecting to the Network at My Workplace

• Virtual Private Networking (VPN)
• Trend in mobile computing
• Employs the Internet as long-distance carrier to
  enable distant, secure LAN connections
• Windows XP VPN
• Encrypts all traffic
• Setup with New Connection Wizard

31
Setting Up an Advanced Connection

• Used to
• Establish direct connection between two systems
• Transfer large amount of data with no network
  connection
• Use serial or parallel cable
• Configure system to answer inbound dial-up calls
• Can act as remote access server for single
  incoming connection
• Only for special-purpose applications

32
Alternate IP Configuration

• Available whenever networking connection object
  uses DHCP
• Preconfigure alternate default IP configuration
  if DHCP fails
• Prevents APIPA address from being assigned

33
Remote Access Security

• Built on Windows XP local and network security
• Dial-up connection objects
• Authentication and encryption security options
• VPN
• Used to secure remote access

34
Certificates

• Provide proof of identity for network and
  Internet communications
• Allow systems to trust unknown online parties for
  the purposes of
• Exchanging information
• Exchanging Data
• Performing e-commerce
• Product of cryptographic mechanism known as
  public key infrastructure (PKI)

35
Certificates (continued)

• Certificate Authority (CA)
• Responsible for
• Creating
• Issuing
• Managing
• Revoking certificates
• Can be server computer system within
  organizations network or service offered by
  independent third-party organization

36
Internet Options Applet

• Used to define settings for Internet Explorer and
  general Internet access
• Four Web zones
• Internet
• Local intranet
• Trusted sites
• Restricted sites

37
Internet Options Applet (continued)

• Security restrictions
• Low
• Medium Low
• Medium
• High

38
Windows XP and the Internet

• Tools to help access the Internet
• Internet Explorer
• Outlook Express
• FTP client,
• Telnet client
• Internet Information Server (IIS)

39
Internet Explorer

• Version 6.0 is included
• State-of-the-art Web browser
• Tightly integrated with other Windows
  applications
• Wide range of security related configuration
  options
• Can be used as FTP client.

40
Outlook Express

• Popular e-mail client utility
• Part of Microsoft Office
• Outlook Express included in Windows XP
• Used to read and write e-mail
• Used to file and sort messages
• Contact management tool

41
FTP Client

• Command-line implementation of FTP client
  included in Windows XP
• Numerous freeware and shareware GUI
  implementations
• More user-friendly

42
Telnet Client

• Simple tool provided in Windows XP
• Attempts to establish Telnet session with remote
  system based on domain name or IP address

43
Internet Information Server

• Reduced functionality version of Internet
  Information Server (IIS) included with Windows XP
• Allows system to host Web and FTP services
• Limited to 10 simultaneous connections
• Not designed or intended for public Web/FTP site
  hosting

44
Order Prints Online

• Feature of the My Pictures folder
• Starts the Online Print Ordering Wizard
• Requires that Internet access be available

45
Client Vs. Server-based Remote Access

• Limited to a single incoming dial-up connection
• Can support only 10 simultaneous network
  connections
• Can share an Internet link with a workgroup

46
Remote Access Troubleshooting

• Problems can be fairly elusive
• Check
• Physical connections (phone lines, serial cables,
  etc.)
• Power to external devices
• Properly installed and updated drivers
• Properly configured settings
• Correct authentication credentials
• Similar encryption or security requirements
• Proper protocol requirements and settings

47
Remote Access Troubleshooting (continued)

• Log files
• File containing all communications made between
  the OS and modem device during connection
  establishment
• PPP.LOG
• System log

48
Summary

• Windows XP works with various internetworking and
  remote access protocols
• Windows XP provides security and encryption
  features for remote access
• Internet Connection Sharing can be used to share
  a single ISP link with a small network
• Certificates are used to prove identity and
  support secured online transactions