-
Remote access enables users to dial into a server and access the network as though they were physically connected to it.
-
Windows Server 2003 supports two remote access connectivity methods : dial-up and VPN.
-
Remote access clients can be assigned IP addresses using a DHCP server. Alternatively the remote access server can be configured with a pool of IP addresses.
-
The two main dial-up protocols are PPP and SLIP. Windows Server 2003 supports the use of SLIP for outbound connections only.
-
The DHCP relay agent enables DHCP clients to obtain an IP address from a DHCP server on the network when they dial in.
-
Remote Access Policies determine who has permissions to dial in and also define the characteristics of the connection. Remote Access Policies consist of conditions, permissions, and profiles.
-
Remote access policy elements are evaluated in the following order: conditions, permissions, and profiles.
-
Remote access permission can be granted through the properties of a user account and through a remote access policy.
-
If no remote access policy exists, all remote access connection attempts will be denied .
-
Multilink enables multiple phone lines to be combined into a single logical connection to increase available bandwidth.
-
BAP enables multilink connections to be dynamically added and dropped based on bandwidth requirements.
-
The following protocols can be used for authentication: PAP, SPAP, CHAP, MS-CHAP, and EAP.
-
Windows Server 2003 supports two types of encryption: MPPE and IPSec.
-
Windows Server 2003 Internet Authentication Services (IAS) is used to centralize user authentication, auditing, and accounting information.
-
VPNs are created using a tunneling protocol. A tunnel can be established using either PPTP or L2TP.
-
Routing can be configured within the Routing and Remote Access MMC snap-in.
-
Static routing is good for small networks in which the topology does not change often.
-
Use the route command to add static entries to the routing table. To add persistent routes, use the “p parameter with the command.
-
RIP routers periodically send their entire routing table to other routers. RIP causes an increase in network traffic. Routing is based on hop counts.
-
OSPF routers only transmit updates. Routing is based on metrics.
-
The IP Security Policy (IPSec) is used to protect data that is sent between hosts on a network, which can be remote access, VPN, LAN, or WAN.
-
The three default IPSec policies are Client (Respond Only), Server Secure (Require Security), and Server (Request Security).
-
IPSec supports Kerberos, certificates, and preshared key authentication methods.