Routing and Remote AccessTools |
The main tool for configuring remote access is the RRAS console, an administrative tool that can be used to configure:
A dial-up networking server (remote access server)
A virtual private networking server (VPN server)
A demand-dial connection
A firewall/NAT server
A LAN router
By default, RRAS is configured for manual startup on WS2003, so the console tree initially looks like this:
Routing and Remote Access Server Status Server Name
where Server Name is the local computer. To start the RRAS on the local computer, right-click on Server Name and select Configure and Enable Routing and Remote Access. This starts a wizard that leads you through the process of configuring the computer as a remote access server or router. Once the server has been configured, the console tree typically looks something like this:
Routing and Remote Access Server Status Server Name Network Interfaces Loopback Local Area Connection Internal Ports WAN Miniport (PPTP) (64 of them) WAN Miniport (L2TP) (64 of them) Direct Parallel (LTP1) Remote Access Clients IP Routing General Loopback Local Area Connection Internal Static Routes DHCP Relay Agent Internal IGMP NAT/Basic Firewall Remote Access Policies Connections to Microsoft RRAS servers Connections to other remote access servers Remote Access Logging Local File SQL Server
Depending on the role in which the server is configured (remote access server, VPN server, router, and so on), the available nodes may vary. This example shows the console tree when RRAS has been given a custom configuration with all functions installed on a single- homed server.
Under the Action menu (or by right-clicking on a node), you can select:
Select this to add additional remote access servers to the console tree and to configure the interval at which the console refreshes when Auto Refresh is enabled.
Select this to see the status of your remote access servers in the details pane.
Select this to pause, start, and restart the RRAS on the server or disable the service (remove the remote access server configuration from the server). You can also change the role of the server, specify providers for authentication and accounting, and manage IP routing and PPP settings on the server.
Select this to display the physical or logical interfaces over which packets are forwarded. These can be LAN, demand-dial, or IP-tunnel interfaces. (You can create new demand-dial or IP-tunnel interfaces, but LAN interfaces are created automatically when network adapters are installed.) Depending on the type of interface, you may be able to connect or disconnect it, enable or disable it, configure dial-out credentials and hours, change the device associated with the interface, configure which networking services function over the interface, and configure other properties of the interface.
Select this to display and configure the devices (modems, modem banks, logical WAN miniports, and so on) supported by the RRAS on the server. The details pane displays the point-to-point connections that are configured and their statuses. (If you have a single-port device such as a modem, the port and the device are indistinguishable.) Double-click on a port to display more details of its status.
Select this to view the connected dial-up or VPN clients in the details pane and disconnect them or view their status.
Select this to configure a multihomed server as a router.
Select this to create a new Remote Access Policy for controlling remote access for users. The details pane displays the Remote Access Policy created when the RRAS is enabled on the server.
Select this to view the remote access log file, and double-click on the file to configure its logging settings.