Network: AdminInter 10150186 Instructor: Michael Teske

1
Network Admin-Inter10-150-186Instructor
Michael Teske
2
Routing and Remote Access Service

• RRAS
• Formerly Remote Access Service in NT 4.0

3
Common Applications

• Two functions
• Accepting Inbound calls
• Universal Gateway to your network
• Same functionality as if they were attached to
  the LAN, although slower.
• Connecting one private network to another.
• Placing Outbound calls (DUN)
• Dial Up Networking
• Internet Connectivity
• Internet Gateway utilizing NAT (Network Address
  Translation)

4
Common Applications

• Accepting VPN (virtual private network) from
  remote clients
• Running a secure private network over an insecure
  public network (internet).
• All clients need is an internet connection, a
  valid IP address and then establishing a VPN
  session to the RRAS server.
• Session is secure and encrypted.

5
Things to consider

• How will it be utilized?
• What will be running on your DUN or VPN?
• File-based apps versus client-server apps
• Microsoft Access versus Microsoft SQL Server
• Access requests continuously query the drive
  after each record search.
• QuickBooks-File Based application. It will work,
  however performance will be unacceptable.
• http//quickbooks.intuit.com/
• Microsoft SQL Server a query is sent to the
  server from a client application and the query is
  run at the server and results are then
  transmitted back to the client.
• MAS 200 from Best Software (Peachtree Accounting)
• Client/server version Sage MAS 200 uses the
  latest thin-client architecture to deliver
  high-speed performance across the Internet or via
  a dial-up connection. (http//www.sagesoftware.co
  m/mas90/)

6
ROUTING BETWEEN CONNECTED NETWORKS
7
ROUTING USING MULTIPLE ROUTERS
8
CONFIGURATION OPTIONS FOR REMOTE ACCESS SERVERS
9
CONFIGURING DIAL-UP REMOTE ACCESS
10
CONFIGURING VIRTUAL PRIVATE NETWORKS
11
COMPONENTS OF A VPN
12
CONFIGURING NETWORK ADDRESS TRANSLATION
13
STATIC AND DYNAMIC ROUTES
14
STATIC AND DYNAMIC ROUTING
15
STATIC AND DYNAMIC ROUTING

• Dynamic Routing on RRAS uses
• RIP-used for exchanging routing information among
  small to medium sized networks
• OSPF-used for exchanging routing information
  among large to enterprise sized networks
• IGMP Router and Proxy-used for multicast routing
• DHCP Relay Agent-also considered a routing
  protocol. Routes DHCP packets between segments.

16
ROUTING TABLES
17
Routing Tables

• TO view the table at the command prompt
• C\gtroute print

18
PACKET FILTERING

• Packet filtering determines what types of packets
  are allowed to be transmitted both inbound and
  outbound.

19
AUTHORIZING REMOTE ACCESS CONNECTIONS
20
CONFIGURING A REMOTE ACCESS POLICY
With Remote Access Policies, connections can be
allowed or denied based on group membership, time
of day, user attributes, type of connection as
well as other variables.
21
CENTRALIZING NETWORK ACCESS AUTHENTICATION AND
POLICIES
22
AUTHENTICATION PROTOCOLS Authentication methods
on page 1431

• Extensible Authentication Protocol-Transport
  Layer Security (EAP-TLS)-typically used with
  smart cards.
• Microsoft Challenge Handshake Authentication
  Protocol version 2 (MS-CHAP v2) Default for
  Microsoft, multiple
• Microsoft Challenge Handshake Authentication
  Protocol version 1 (MS-CHAP v1) support for
  legacy systems
• Extensible Authentication Protocol-Message Digest
  5 Challenge Handshake Authentication Protocol
  (EAP-MD5 CHAP)-similar to CHAP-2, but uses MD5
  hashing and provides support for non-Microsoft
  clients.
• Challenge Handshake Authentication Protocol
  (CHAP)-compatible with non-Microsoft clients.
  Does not support encryption of connection data.
• Shiva Password Authentication Protocol
  (SPAP)-weak encryption. Does not support
  encryption of connection data.
• Password Authentication Protocol (PAP)-user
  credentials are sent over network in plain text.