RRAS is used to configure Windows Server 2003 as a router for internetwork communications. The route can be configured with either a dedicated connection or with a demand dial connection, and the design and implementation of a routing protocol is a key to good security.
RIP version 2, OSPF, and static routes can be made secure if implemented properly. This can include using password-based router authentication, route filtering, and peer limiting.
Demand dial connections can be kept secure by using certificates and router authentication for dial-in and dial-out events.
VPN tunnels are created by either the PPTP or L2TP protocols. Both encrypt all data sent over the InternetPPTP uses MPPE and L2TP uses IPSec ESP. L2TP is more secure because IPSec encrypts the authentication phase as well as the data.
Remote access policies and profiles constrain who can connect to the network, and what they can do when they get there. Security considerations include authentication methods and time restrictions.
Windows Server 2003 allows the administrator to use features like IP packet filtering, VPN/firewall placement, and Network Access Quarantine Control to secure VPN LAN-to-LAN and remote access connections.