AAA (authentication, authorization, and accounting) infrastructure
deployment, 112–119, 222–228
described, 89–95
groups, 94
log files, 95
policies, 90–92
preventing traffic, 92–94
user accounts, 94
Access Method page, 117, 141, 143, 144, 226
Access-Accept messages, 195
Access-Reject messages, 89, 195
Access.txt, 153, 167
Account Locked Out option, 48
Account tab, 48
accounting. See also AAA (authentication, authorization, and accounting) infrastructure
deployment, 114, 224
interoperability, 59
log files, 224, 278
providers, 82, 90
routing, 183, 185
troubleshooting, 278
VPN servers, 34, 82
Accounting Requests option, 115
accounts. See also user accounts
lockout features, 47, 283, 297
unable to connect problems, 283
Activate Scope page, 133
Active Directory (Microsoft)
AAA infrastructure, 112, 223
authorization, 41
Auto-Enrollment CA feature, 70
certificates, 70, 103, 108, 208, 209, 212
clients, 70
configuring, 112, 223
Connection Manager, 132, 133, 150
deployment, 103, 108, 112, 113, 208, 209, 212
domains, 94
groups, 112, 223
IAS, 224
Installation Wizard, 132
mapping files, 209
passwords, 74
quarantine features, 132, 133, 150
site network infrastructure, 228
site-to-site VPNs, 184, 198, 199, 223, 228, 299
troubleshooting, 285, 287, 299, 300, 303
unable to connect problems, 299, 300
user accounts, 112, 223
VPN servers, 113
Windows XP Home Edition, 11
ActiveX controls (Microsoft), 106
Add A User Account So A Remote Router Can Dial In option, 218, 221
Add Exclusions page, 132
Add Or Remove Programs console, 33, 139, 223
Additional Files page, 164
Additional Information page, 134, 226
Add/Remove Windows Components option, 113, 223
addresses. See also IP (Internet Protocol) addresses; subnet addresses
assigning, 20, 56
connection endpoint, 170
management, 16
requirements, 16
site-to-site VPNs, 170, 192–194
troubleshooting, 286, 292
tunneling, 20
administration
authorizing connections, 31
described, 30–34
scalability, 31
Adminpak.msi, 33
ADSL (Asynchronous Digital Subscriber Line), 252, 257
Advanced Certificate Request option, 110, 208
Advanced Customization option, 165
Advanced Customization page, 165
Advanced tab, 145
air gaps, between secure resources, 15
alarming, 34
All Connections option, 162
All Tasks option, 160, 211
Allow Access option, 113, 177, 185, 199
Allow Custom IPSec Policy For L2TP Connection option, 202
always-on VPNs, 14, 175
APIPA (Automatic Private IP Addressing), 182, 286, 292, 308
Apple Computer, 4
Apply Static Routes option, 200
ASBR (autonomous system boundary router), 86, 235
Ascend, 54
Asynchronous Digital Subscriber Line (ADSL). See ADSL (Asynchronous Digital Subscriber Line)
ATM (Asynchronous Transfer Mode), 18, 245
attacks. See also DoS (Denial-of-Service) attacks; hackers
CHAP, 39
dictionary, 25, 47
man-in-the-middle (MITM), 54
packet filtering, 38, 43
replay, 39, 103
auditing, 34, 69, 115
authentication. See also AAA (authentication, authorization, and accounting) infrastructure
certificates, 44–46, 213
Connection Manager, 141, 144, 162
deployment, 114, 213, 224, 227, 250, 253, 259
described, 37, 38–41
interoperability, 54–56
IPSec, 18, 54–56
L2TP/IPSec, 40, 301–302
lockout features, 47
log files, 224, 278
mutual, 40, 41
nonpassword-based, 75, 189
policies, 227
PPTP, 25, 40
protocols, 21–22, 73–75
providers, 82
quarantine features, 141, 144, 162
RADIUS, 19, 34
requirements, 16
routing, 183, 185
site-to-site VPNs, 170, 177, 178, 183, 185, 187
troubleshooting, 278, 289–292, 301–306
tunneling, 19
two-factor, 40, 70
VPN servers, 82
Authentication Methods page, 117, 141, 143, 144, 227
Authentication Requests option, 115, 225
authorization. See also AAA (authentication, authorization, and accounting) infrastructure
described, 31, 37, 41
policies, 31
site-to-site VPNs, 170, 178
Authorize option, 132
Auto-Enrollment CA feature, 70
Automatic Certificate Request option, 104
Automatic Certificate Request Setup Wizard, 104
Automatic Private IP Addressing (APIPA). See APIPA (Automatic Private IP Addressing)
Automatic Proxy Configuration page, 162
Automatically Download Phone Book Updates option, 162
Automatically Select The Certificate Store Based On The Type Of Certificate option, 211
autonomous system boundary router (ASBR). See ASBR (autonomous system boundary router)
auto-static propagation, 235
auto-static updates, 172, 236–237