MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 10 Configuring Remote Access.


1 MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 10 Configuring Remote Access

2 Learning Objectives
• Understand Windows Server 2008 remote access services
• Implement and manage a virtual private network
• Configure a VPN server
• Configure a dial-up remote access server
• Troubleshoot virtual private network and dial-up remote access installations

3 Learning Objectives (cont’d.)
• Install and configure Terminal Services

4 Introduction to Remote Access
• Routing and Remote Access Services (RRAS)
  – Enable routing and remote access through virtual private networking and dial-up networking
• Virtual private network (VPN)
  – Tunnel through a larger network that is restricted to designated member clients only
• Dial-up networking
  – Using a telecommunications line and a modem to dial into a network or specific computers on a network

5 Introduction to Remote Access (cont’d.)
• Modem
  – Modulator/demodulator
  – Converts a transmitted digital signal to an analog signal for a telephone line
  – Converts a received analog signal to a digital signal for use by a computer
• RRAS
  – Turns server into a dial-up Remote Access Services (RAS) server capable of handling hundreds of simultaneous connections

6 Figure 10-1 A VPN network (Courtesy Course Technology/Cengage Learning)

7 Implementing a Virtual Private Network
• VPN
  – Uses LAN and tunneling protocols
  – Encapsulates data as it is sent across a public network
• Benefits of using a VPN
  – Users can connect through a local ISP to the local network
  – Ensures that any data sent across a public network is secure
  – Encrypted tunnel

8 Using Remote Access Protocols
• Function of the remote access protocol
  – Encapsulate a packet
  – TCP/IP is the most commonly used transport protocol
    • Encapsulated in a remote access protocol for transport over a WAN
• Other legacy transport protocols
  – IPX for legacy NetWare networks
  – NetBEUI for legacy Microsoft networks
  – Not supported by Windows Server 2008

9 Using Remote Access Protocols (cont’d.)
• Serial Line Internet Protocol (SLIP)
  – Originally designed for UNIX environments
  – Provides point-to-point communications using TCP/IP
• Compressed Serial Line Internet Protocol (CSLIP)
  – Newer version of SLIP
  – Compresses header information in each packet
• SLIP and CSLIP do not support
  – Network connection authentication

10 Using Remote Access Protocols (cont’d.)
• SLIP and CSLIP do not support (cont’d.)
  – Automatic negotiation of the network connection through multiple network connection layers at the same time
• Point-to-Point Protocol (PPP)
  – Has more capability than SLIP
• Remote access protocols
  – Point-to-Point Tunneling Protocol
  – Layer Two Tunneling Protocol
  – Secure Socket Tunneling Protocol

11 Using Remote Access Protocols (cont’d.)
• Point-to-Point Tunneling Protocol (PPTP)
  – Offers PPP-based authentication techniques
  – Encrypts data carried by PPTP through using Microsoft Point-to-Point Encryption
• Microsoft Point-to-Point Encryption (MPPE)
  – Starting-to-ending-point encryption technique that uses special encryption keys varying in length from 40 to 128 bits

12 Using Remote Access Protocols (cont’d.)
• Layer Two Tunneling Protocol (L2TP)
  – Works similarly to PPTP
• IP Security (IPsec)
  – IP-based secure communications and encryption standards created through the Internet Engineering Task Force (IETF)
• Secure Socket Tunneling Protocol (SSTP)
  – Employs PPP authentication techniques
  – Encapsulates data packet in the Hypertext Transfer Protocol (HTTP)

13 Using Remote Access Protocols (cont’d.)
• Secure Sockets Layer (SSL)
  – Data encryption technique employed between a server and a client
• PPP, PPTP, and L2TP are available in:
  – Windows 2000, Windows XP, Windows Vista, Windows 7
  – Windows 2000 Server, Windows Server 2003, Windows Server 2008
• SSTP is available in:
  – Windows Server 2008, Windows Vista, Windows 7

14 Using Remote Access Protocols (cont’d.)
Table 10-1 Communications technologies

15 Configuring a VPN Server
• Install Network Policy and Access Services role
• Configure a Microsoft Windows Server 2008 server as a network’s VPN server
  – Configure protocols to provide VPN access to clients
• Configure a VPN server as a DHCP Relay Agent for TCP/IP communications
• Configure the VPN server properties
• Configure a remote access policy for security

16 Configuring a VPN Server (cont’d.)
• Windows Server 2008 requires at least two network interfaces in the computer:
  – One for the connection to the LAN
  – One for a connection to the physical VPN network
• Activity 10-1: Installing Network Policy and Access Services
  – Objective: Learn how to install Routing and Remote Access Services
• Activity 10-2: Setting Up a VPN Server
  – Objective: Set up a VPN server

17 Configuring a VPN Server (cont’d.)
Table 10-2 Routing and remote access options

18 Configuring a VPN Server (cont’d.)
Table 10-3 Ports to open in the Windows Firewall for a VPN

19 Configuring a DHCP Relay Agent
• DHCP Relay Agent
  – Broadcasts IP configuration information
  – Use Routing and Remote Access tool to configure VPN server as a DHCP Relay Agent
• Activity 10-3: Configuring a DHCP Relay Agent
  – Objective: Set up a DHCP Relay Agent
• Activity 10-4: Additional DHCP Relay Agent Configuration
  – Objective: Configure the DHCP Relay Agent hop count

20 Configuring VPN Properties
• Routing and Remote Access tool
  – Right-click the VPN server in the tree
  – Click Properties
Figure 10-9 Configuring the interface properties (Courtesy Course Technology/Cengage Learning)

21 Configuring VPN Properties (cont’d.)
Figure 10-10 VPN server properties (Courtesy Course Technology/Cengage Learning)

22 Configuring VPN Properties (cont’d.)
Table 10-4 VPN server properties tabs

23 Configuring Multilink and Bandwidth Allocation Protocol
• Multilink
  – Combine or aggregate two or more communications channels so they appear as one large channel
  – Aggregated links
• Multilink must be implemented in the client as well as in the server
  – Older connection technology compared with DSL or wireless metropolitan area networks
• Bandwidth Allocation Protocol (BAP)
  – Ensure that a client’s connection has enough speed or bandwidth for a particular application

24 Configuring Multilink and Bandwidth Allocation Protocol (cont’d.)
• Windows Server 2008 version of Multilink PPP
  – Supports Bandwidth Allocation Control Protocol (BACP)
  – Selects a preferred client when two or more clients vie for the same bandwidth
• Activity 10-5: Using Multilink
  – Objective: Configure a VPN (or RAS) server to use Multilink

25 Configuring VPN Security
• When a user accesses a VPN server:
  – Access is protected by the account access security that already applies
    • Through a group policy or the default domain security policy
• Elements of a Remote Access Policy
  – Access permission
  – Conditions
  – Constraints
  – Settings

26 Configuring VPN Security (cont’d.)
• Establishing a Remote Access Policy
  – Use Routing and Remote Access tool
    • Accessed via Administrative Tools or as an MMC snap-in
• Activity 10-6: Configuring a Remote Access Policy
  – Objective: Configure a remote access policy

27 Configuring VPN Security (cont’d.)
Table 10-5 Authentication types

28 Figure 10-15 Encryption options (Courtesy Course Technology/Cengage Learning)

29 Configuring VPN Security (cont’d.)
Table 10-6 RAS encryption options

30 Configuring a Dial-Up Remote Access Server
• Dial-up remote access server compatible with:
  – Asynchronous modems
  – Synchronous modems
  – Null modem communications
  – Regular dial-up telephone lines
  – Leased telecommunication lines
  – ISDN lines (and digital “modems”)
  – X.25 lines
  – DSL lines
  – Cable modem lines
  – Frame relay lines

31 Configuring a Dial-Up Remote Access Server (cont’d.)
• Install RAS using Routing and Remote Access tool
  – Steps very similar to installing a VPN server

32 Configuring Dial-Up Security
• Callback security
  – Server calls back the remote computer
  – Verify telephone number in order to discourage a hacker
• Options available in Windows Server 2008:
  – No Callback
  – Set by Caller (Routing and Remote Access Service only)
  – Always Callback to

33 Configuring Dial-Up Security (cont’d.)
• Control network access permission
  – Allow access
  – Deny access
  – Control access through NPS Network Policy
    • Default selection

34 Configuring a Dial-Up Connection for a RAS Server
• Create other connections through the Network and Sharing Center
• Activity 10-7: Configuring a Dial-Up Network Connection
  – Objective: Configure a dial-up connection for a dial-up RAS server

35 Configuring Clients to Connect to RAS Through Dial-Up Access
• Common dial-up RAS clients
  – Windows 98, 2000, XP, Vista, and 7
• Access a dial-up RAS server from other operating systems
  – Configure a dial-up connection on those clients

36 Configuring Clients to Connect to RAS Through Dial-Up Access (cont’d.)
Figure 10-17 Configuring a dial-up connection (Courtesy Course Technology/Cengage Learning)

37 Troubleshooting VPN and Dial-Up RAS Installations
• Troubleshooting VPN or dial-up RAS server communications problem
  – Hardware and software troubleshooting tips

38 Hardware Solutions
• Use Device Manager to check network adapters, WAN adapters, and modems
• Make sure telephone line plugged in
• For external modems:
  – Make sure the modem cable is properly attached, that you are using proper cable type
• For internal modems or adapter cards:
  – Check connection inside computer

39 Hardware Solutions (cont’d.)
• For a modem connection:
  – Test the telephone wall connection and cable
• For an external DSL adapter or a combined DSL adapter and router:
  – Ensure device is properly configured and connected
• Call your ISP to determine if problems are present on the ISP’s WAN

40 Software Solutions
• Use the Computer Management tool or Server Manager to verify status of:
  – Routing and Remote Access
  – Remote Access Auto Connection Manager
  – Remote Access Connection Manager services
• Ensure Windows Firewall is set up to allow remote access
• Make sure VPN or dial-up RAS server is enabled
• Check the remote access policy to be sure that access permission is granted

41 Software Solutions (cont’d.)
• Verify VPN or dial-up RAS server is started
• Check the network interface
• Ensure IP parameters are correctly configured to provide an address pool for either a VPN or dial-up RAS server
• If using a RADIUS server:
  – Ensure it is connected and working properly and that Internet Authentication Service (IAS) is installed
• Ensure the remote access policy is consistent with the users’ access needs
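
The service and firewall checks from the two Software Solutions slides, as an added PowerShell example that is not part of the original deck. The service short names and port numbers are the standard Windows and protocol assignments, not values taken from the deck (the contents of Table 10-3 did not survive in this transcript); PowerShell 2.0 or later and an elevated session on the RRAS server are assumed.

```powershell
# Added example (not from the deck): software-side checks for a VPN / dial-up RAS server.

# Short names of the three services listed on the slide.
$RasServices = 'RemoteAccess', 'RasAuto', 'RasMan'

# Standard assignments (assumption: not read from Table 10-3).
# IP protocol numbers: 6 = TCP, 17 = UDP, 47 = GRE.
$VpnPorts = @(
    @{ Use = 'PPTP control';    Protocol = 6;  Port = '1723' },
    @{ Use = 'PPTP data (GRE)'; Protocol = 47; Port = $null  },
    @{ Use = 'L2TP';            Protocol = 17; Port = '1701' },
    @{ Use = 'IPsec IKE';       Protocol = 17; Port = '500'  },
    @{ Use = 'IPsec NAT-T';     Protocol = 17; Port = '4500' },
    @{ Use = 'SSTP (HTTPS)';    Protocol = 6;  Port = '443'  }
)

function Test-RasServiceState {
    foreach ($name in $RasServices) {
        $svc = Get-WmiObject -Class Win32_Service -Filter "Name='$name'"
        if (-not $svc) {
            New-Object PSObject -Property @{
                Service = $name; StartMode = 'n/a'; State = 'Not installed'; Problem = $true
            }
            continue
        }
        # A disabled service, or an automatic one that is not running, needs attention.
        # Manual-start services such as RasAuto may legitimately be stopped.
        $bad = ($svc.StartMode -eq 'Disabled') -or
               ($svc.StartMode -eq 'Auto' -and $svc.State -ne 'Running')
        New-Object PSObject -Property @{
            Service = $svc.DisplayName; StartMode = $svc.StartMode
            State = $svc.State; Problem = $bad
        }
    }
}

function Test-VpnFirewallRule {
    $fw = New-Object -ComObject HNetCfg.FwPolicy2
    # Enabled inbound (Direction 1) allow (Action 1) rules for the active profile(s).
    $allow = @($fw.Rules | Where-Object {
        $_.Enabled -and $_.Direction -eq 1 -and $_.Action -eq 1 -and
        ($_.Profiles -band $fw.CurrentProfileTypes)
    })
    foreach ($e in $VpnPorts) {
        # Port ranges and any-protocol rules are not expanded; treat
        # Allowed = False as a prompt to inspect the rule set by hand.
        $hits = @($allow | Where-Object {
            $ports = "$($_.LocalPorts)" -split ','
            $_.Protocol -eq $e.Protocol -and
            ($null -eq $e.Port -or $ports -contains $e.Port -or $ports -contains '*')
        })
        New-Object PSObject -Property @{
            Use = $e.Use; Port = $e.Port; Allowed = ($hits.Count -gt 0)
            Rules = (($hits | ForEach-Object { $_.Name }) -join '; ')
        }
    }
}

Test-RasServiceState | Format-Table Service, StartMode, State, Problem -AutoSize
Test-VpnFirewallRule | Format-Table Use, Port, Allowed, Rules -AutoSize
```

Only the rows for the tunneling protocols the server actually offers need to show Allowed = True; an open port for an unused protocol is worth closing rather than leaving in place.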

42 Connecting Through Terminal Services
• Terminal server
  – Enables clients to run services and software applications on Windows Server 2008 instead of at the client
  – Enables thin clients to perform most CPU-intensive operations on the server
• Centralize control of how programs are used
• Install different role services for specific purposes:
  – TS Web Access
  – TS Gateway

43 Connecting Through Terminal Services (cont’d.)
Table 10-7 Terminal Services components

44 Connecting Through Terminal Services (cont’d.)
Table 10-8 Role services available through Terminal Services

45 Connecting Through Terminal Services (cont’d.)
• RemoteApp
  – New feature
  – Enables a client to run an application without loading a remote desktop on the client computer
• TS Gateway
  – Provides a secure way to use Terminal Services over the Internet

46 Installing Terminal Services
• Install TS Licensing role service
  – Manage terminal server user licenses obtained from Microsoft
  – Licenses can be purchased either per user account or by client device
• Network Level Authentication (NLA)
  – Enables authentication to take place before the Terminal Services connection is established
  – Thwarts would-be attackers
• Create groups of user accounts in advance
  – Add these groups during installation

47 Installing Terminal Services (cont’d.)
• Activity 10-8: Installing Terminal Services
  – Objective: Learn how to install the Terminal Services role

48 Configuring Terminal Services
• Activity 10-9: Configuring Terminal Services
  – Objective: Configure a terminal server

49 Configuring Terminal Services (cont’d.)
Table 10-11 Terminal Services permissions

50 Managing Terminal Services
• Terminal Services Manager
  – Monitor the number of users connected to the terminal server
  – Add additional terminal servers to monitor
  – Determine if a user session is active
  – Determine which programs are running in a user’s session
  – Disconnect a user’s session or log off a user
  – Reset a connection that is having trouble
  – Send a message to a user

51 Managing Terminal Services (cont’d.)
• Activity 10-10: Using Terminal Services Manager
  – Objective: Use Terminal Services Manager

52 Configuring Licensing
• Activate Terminal Services licensing server
• Configure licensing using TS Licensing Manager
• Activity 10-11: Using the TS Licensing Manager
  – Objective: Use TS Licensing Manager

53 Accessing a Terminal Server from a Client
• Remote Desktop Connection (RDC)
  – Client already installed in Windows 7, Windows Vista, Windows Server 2008, and Windows XP
• Activity 10-12 (optional): Configuring Authentication in Windows Vista or Windows 7
  – Objective: Configure NLA authentication in Windows Vista or Windows 7

54 Installing Applications on a Terminal Server
• Might need to reinstall some applications that were installed before Terminal Services role
• Use Control Panel to uninstall them
• Reinstall applications
  – In Control Panel Home view, click Programs
  – Click Install Application on Terminal Server

55 Summary
• Routing and Remote Access Services includes
  – Virtual private network (VPN) and dial-up services
• Remote access protocols include:
  – SLIP, CSLIP, PPP, PPTP, L2TP, and SSTP
• Use Server Manager to install the Network Policy and Access Services role
• VPN has many properties that can be configured
  – Configure a remote access policy to govern how a VPN server is accessed

56 Summary (cont’d.)
• When you configure dial-up remote access
  – Also configure a DHCP Relay Agent, Multi-link (if used), and a remote access policy for security
• Use Server Manager to install the Terminal Services role
  – Configure Terminal Services client access licenses

