Index_C


C

CA (certification authority)

installing single-tier for WLAN test environments 582

installing three-tier for WLAN test environments 592

cache mode, ISA Server 218–219

cache pollution protection, DNS 160

callback options 498

caller ID options 498

capacity planning

ISA Server 226–229

VPN 384

Certificate Request Wizard 584

certificate-based EAP-TLS 488–489

certificates

computer-level authentication for remote site connectivity 491

deploying for remote site-to-site connections 522

distributing through autoenrollment for wireless LANs 576

distributing using Connection Manager 449

EAP-TLS support for wireless access 558

infrastructure for WLAN test environments 582–587

installing computer certificates on IAS servers 583–584

installing computer certificates on wireless clients 584–586

installing for IAS access clients 359

installing for IAS servers 359

installing for remote site-to-site connections 527

installing for VPN connections 420–421

installing L2TP/IPSec for remote site-to-site connections 526

installing single-tier CA for WLAN test environments 582

installing three-tier CA for WLAN test environments 592

installing user certificates on wireless clients 584–587

integrating with IAS infrastructure 357–359

PEAP-MS CHAP v2 support for wireless access 558

public key IPSec authentication 286

VPN client authentication 396–397

certification authority See CA (certification authority)

CHAP (Challenge Handshake Authentication Protocol) 356

CIDR (classless interdomain routing) 22–23

circuit gateways 32

Class A, B, C, D, and E addresses 16

classes, DHCP 90

classless interdomain routing (CIDR) 22–23

classless IP addressing 16–18

classless routing 18–20

Client (Respond Only) IPSec policy 275

client resolver, DNS 118

clients, DHCP

BOOTP support 99–101

configuration overview 98

remote access support 99

reserved clients 89

clients, DNS 154–155, 173

clients, ISA Server 220–221

clients, RADIUS

configuring 371

described 321

optimizing for IAS 341

planning for IAS 327

clients, remote access

See also deploying Connection Manager

authentication methods 433

background overview 431

branding Connection Manager 444

Connection Manager products 432

connection methods 432

deployment example See Connection Manager implementation example

IAS authorization 346

native connection capabilities and limitations 431

clients, TCP/IP network 42

clients, VPN

certificates for authentication 396–397

configuring routing 418–419

determining routing 387–388

remote access policies for IAS 352

client-side scripts, Network Access Quarantine Control 416

clustering

DHCP 79–80

WINS 185–188

CMAK (Connection Manager Administration Kit)

advanced customization 445–447

Advanced tab 447

branding clients 444

custom actions 442–444

customizing service profiles 438–440

described 432

general network properties 441

graphics 444

Help 444

ICF (Internet Connection Firewall) 447

icons 444

ICS (Internet Connection Sharing) 446

license agreement 444

merging service profiles 441

network settings 441

routing table updates 442

Save Password option 446

security settings 441

TCP/IP settings 441

CMAK wizard

advanced customization 445–447

Advanced tab 447

branding clients 444

Connection Manager implementation example 453–463

custom actions 442–444

customizing service profiles 438–440

general network properties 441

graphics 444

Help 444

ICF (Internet Connection Firewall) 447

icons 444

ICS (Internet Connection Sharing) 446

license agreement 444

mergingservice profiles 441

network settings 441

Preparation for Running the CMAK Wizard worksheet 453–463

required information 439

Save Password option 446

security settings 441

TCP/IP settings 441

common policy for remote access 500

compression, remote site connectivity 515

computer authentication 491

computer certificates

See also certificates

computer-level authentication for remote site connectivity 491

distributing through autoenrollment for wireless LANs 576

installing for IAS access clients 359

installing for IAS servers 359

installing for remote site-to-site connections 527

installing L2TP/IPSec for remote site-to-site connections 526

installing on IAS servers 583–584

installing on wireless clients 584–586

computer-level authentication 491

conditional forwarding

configuring for DNS implementation 171

described 117–118

designing DNS servers 144–146

designing DNS zones 149

configuring Connection Manager 441

configuring DHCP

classes 90

clients 98–101

information options 92

MADCAP scopes 95

multicast scopes 94–95

New Scope Wizard 89

option parameters 91

options overview 88

reserved clients 89

scope-level options 89

user-defined classes 91

vendor-defined classes 91

Windows Server 2003 protocol options 92

configuring dial-up remote access servers

configuring connections to clients 425

configuring connections to intranet 425–426

configuring ports for remote access 425–426

configuring TCP/IP on LAN adapter 425

overview 424–425

configuring DNS

aging 171

conditional forwarding 171

DNS clients 154–155

dynamic updates for servers 171

name resolution for disjointed namespaces 128

replication scope 172

scavenging 171

server lists for clients 155

suffix search lists 155

zone transfers 172

configuring firewalls for IPSec 281

configuring IAS as RADIUS proxy

clients 371

filters on Internet interfaces 369

firewalls to support Internet traffic 369

overview 367

primary proxy in perimeter networks 368

secondary proxy in perimeter networks 368

configuring IAS as RADIUS server

authentication and accounting on access servers 366

overview 363

primary IAS server on domain controller 365

secondary IAS server on domain controller 366

user accounts and groups 364

WLAN test environments 587–589

configuring IAS for third-party compatibility 371–372

configuring ISA Server in arrays 230–231

configuring remote access policies for IAS

applying policies to users and groups 351

client-specific policies 352

common vs. custom policies 349–351

conditions 350

Network Access Quarantine Control 348

overview 347

permissions 350

profile properties 350

Quarantine Remote Access Policy 352

restrictions 351

specifications for common policies 349

specifications for custom policies 349

switch access clients 352

VPN clients 352

wireless access clients 352

configuring remote site connectivity

authentication providers for routers 495

router user accounts 493–499

routing groups 499

site-to-site connections See configuring remote site-to-site connections

configuring remote site-to-site connections

Active Directory user accounts and groups 523–524

authentication methods 543

authentication providers 543

auto-static updates 539

demand-dial filters 546

demand-dial interfaces 527–533

dial-out or dial-in hours 545

disconnect intervals 537

Internet access through calling routers 540–541

intranet connections 525

IP multicasting 542

IP packet filters 546

performance for Internet traffic 541

persistent connections 537

ports 544

remote access policies 534–536

replication 547–549

Routing and Remote Access 527–533

routing protocols 540

security for Internet traffic 540

static routes 537–539

WAN adapters 524

configuring routing for VPN

configuring for clients 418–419

configuring on VPN servers 417–418

dynamic routers 418

overview 417

static routes 418

configuring TCP/IP networks

client computers 42

configuring IGMP 40

Internet configuration for VPN 408

intranet interface for VPN 409

IP multicast scopes 41

IPv6/IPv4 coexistence with DNS 62–63

perimeter network interface for VPN 408

configuring VPN remote access servers

Configure Your Server Wizard 407

configuring account lockout 422

configuring encryption 421

configuring filters for servers behind firewalls 409

configuring filters for servers in front of firewalls 413

configuring routing 417–419

configuring TCP/IP 407–409

firewalls 409–415

installing certificates for connections 420–421

Internet configuration for TCP/IP 408

intranet interface for TCP/IP 409

L2TP/IPSec connections for servers behind firewalls 411

L2TP/IPSec connections for servers in front of firewalls 415

L2TP/IPSec Internet interface of firewalls 412

L2TP/IPSec perimeter network interface of firewalls 412

name resolution 409

Network Access Quarantine Control 416–417

packet filters 409–415

perimeter network interface for TCP/IP 408

PPTP connections for servers behind firewalls 409

PPTP connections for servers in front of firewalls 414

PPTP Internet interface of firewalls 410

PPTP perimeter network interface of firewalls 411

routing for clients 418–419

security implementation 420–422

tasks 407

configuring wireless LANs

Active Directory 580

DNS and DHCP 582

groups for wireless users and computers 581

registering IAS server in Active Directory 581

remote access permissions 580

wireless adapter on wireless clients 589

wireless APs 580

connecting remote sites

Active Directory integration 510–512

additional resources 549–550

background 471–474

compression 515

connection types 475–483

data throughput 515

deploying site-to-site connections See implementing remote site-to-site connections

designing routing infrastructure 502–506

dial-up connections 476

integrating connections into networks 501–512

IP address assignments 507–510

IPSec offload cards 515

migrating routers from Windows NT 4.0 or Windows 2000 513–515

name resolution 507–510

on-demand connections 481–482

one-way initiated connections 483

overview 469–470

persistent connections 481–482

process 471

security See security for remote site connectivity

server capacity 515

server configurations 512–517

server deployments 516–517

two-way initiated connections 483

VPN connections 477–480

Connection Manager

additional resources 466–467

advanced customization 445–447

authentication methods 433

branding clients 444

clients background information 431–434

clients described 432

Connection Manager Administration Kit See CMAK (Connection Manager Administration Kit)

connection methods 432–433

Connection Point Services See CPS (Connection Point Services)

creating phone books 436

custom actions 442–444

customizing 438–447

deployment overview for remote access clients 429–430

deployment process 430

direct dial 433

distributing certificates 449

distributing service profiles 451

hosting phone books on PBS servers 438

implementation example See Connection Manager implementation example

implementing deployments 448–451

installing PBA 436

Internet enrollments 449

intranet enrollments 450

native connection capabilities and limitations 431

network settings 441

outsourcing phone books 437

phone book support 434–438

POPs (Points of Presence) 436

products 432

publishing phone books 436

regions in phone books 436

security education for users 450

security settings 441

service profiles 438–441

testing deployments 449

top-level profile 441

updating phone books 437

VPN 433

Connection Manager Administration Kit See CMAK (Connection Manager Administration Kit)

Connection Manager implementation example

CMAK wizard 453–463

component profiles 454–455

creating service profiles 453–463

distributing service profiles 464–465

overview 452

Preparation for Running the CMAK Wizard worksheet 453–463

preparing phone books 453

routing table updates 462

testing deployments 464

top-level profile 455–463

connection methods 432–433

Connection Point Services See CPS (Connection Point Services)

connection request policies for IAS 330, 348

convergence for link state routing protocols 13

convergence time 195

core tier 9

coverage areas for wireless users 563

CPS (Connection Point Services)

creating phone books 436

described 432

hosting phone books on PBS servers 438

installing PBA 436

outsourcing phone books 437

PBA described 432

PBS described 432

phone book support 434–438

POPs (Points of Presence) 436

publishing phone books 436

regions in phone books 436

updating phone books 437

CPU requirements, VPN 384

creating

DHCP reservations 92

DHCP scopes 86

DHCP server design See designing DHCP servers

DHCP superscopes 93–94

DNS computer names 133–135

DNS domain names 131–133

DNS subdomains 137

IAS remote access policies See creating IAS remote access policies

phone books using Connection Manager 436

creating IAS remote access policies

applying policies to users and groups 351

client authorization 346

client-specific policies 352

common vs. custom policies 349–351

conditions for policies 350

configuring policies 347–352

groups 346

Network Access Quarantine Control 348

overview 345

permissions for policies 350

profile properties for policies 350

Quarantine Remote Access Policy 352

restrictions 351

specifications for common policies 349

specifications for custom policies 349

switch access clients 352

user accounts 347

VPN clients 352

wireless access clients 352

cryptography, IPSec 250

custom policy for remote access 500

customizing Connection Manager

advanced customization 445–447

Advanced tab 447

branding clients 444

custom actions 442–444

general network properties 441

graphics 444

Help 444

ICF (Internet Connection Firewall) 447

icons 444

ICS (Internet Connection Sharing) 446

license agreement 444

merging service profiles 441

network settings 441

Save Password option 446

security settings 441

service profiles 438–440

TCP/IP settings 441

top-level profile 441




Microsoft Corporation Microsoft Windows Server 2003 Deployment Kit(c) Deploying Network Services 2003
Microsoft Corporation Microsoft Windows Server 2003 Deployment Kit(c) Deploying Network Services 2003
ISBN: N/A
EAN: N/A
Year: 2004
Pages: 146

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net