RADIUS clients, IAS
adding APs for WLAN test environments 587
described 321
optimizing 341
planning 327
RADIUS protocol, IAS 316, 321
RADIUS proxies, IAS
adding attributes to connection request policy 330
configuring clients 371
configuring firewalls to support traffic 369
configuring primary proxy in perimeter network 368
configuring secondary proxy in perimeter network 368
described 321
design overview 324
designing 330–331
filters on Internet interface 369
implementing deployments 367–371
installing backup servers 331
IPSec traffic security 361
load balancing 325
multiple forests 324
planning connection request policies 330
planning for failure detection 330
planning for load balancing 330
RADIUS server 326
securing 359–361
shared secrets 359, 361
third-party ISP 324
VPN tunnels 361
RADIUS servers, IAS
802.1X support for wireless access 558
adding attributes to remote access policy 329
authentication 328
configuring for WLAN test environments 587–589
configuring primary server on domain controller 365
configuring secondary server on domain controller 366
configuring server authentication and accounting 366
configuring user accounts and groups 364
deployments for authentication 522
described 321
design overview 323
designing 327–330
EAP-TLS support for wireless access 558
implementing deployments 363–366
installing backup servers 330
IPSec traffic security 361
planningfor RADIUS clients 327
quarantine-compatible 401
RADIUS proxy 326
securing 359–361
server domain membership 327
shared secrets 359, 361
VPN tunnels 361
RAM requirements, VPN 384
RAS and IAS Servers security group 528–532
reciprocal replication for remote site connectivity 511
recursive DNS queries 119
redirection, DNS 157
redundant links and routers for TCP/IP networks 34
redundant servers for remote access 404
redundant WINS databases 190
remote access
clients See clients, remote access
deploying clients using Connection Manager See deploying Connection Manager
designing solutions See designing remote access server solutions
dial-up networking See dial-up networking
remote site connectivity See remote site connectivity
Routing and Remote Access See Routing and Remote Access
VPN See VPN (virtual private network)
remote access policies
applying to users and groups 351
client authorization 346
common vs. custom policies 349–351
conditions 350
configuring 347–352, 534–536
groups 346
Network Access Quarantine Control 348
overview 345
permissions 350
profile properties 350
restrictions 351
specifications for common policies 349
specifications for custom policies 349
switch access clients 352
types of 500–501
user accounts 347
VPN clients 352
wireless access clients 352
Remote Access Quarantine Agent service 399, 401, 416
Remote Authentication Dial-In User Service
RADIUS clients See RADIUS clients, IAS
RADIUS protocol See RADIUS protocol, IAS
RADIUS proxies See RADIUS proxies, IAS
RADIUS servers See RADIUS servers, IAS
remote RADIUS server groups 330, 339, 368
remote site connectivity
Active Directory integration 510–512
additional resources 549–550
background 471–474
compression 515
connection types 475–483
data throughput 515
deploying site-to-site connections See implementing remote site-to-site connections
designing routing infrastructure 502–506
dial-up connections 476
integrating connections into networks 501–512
IP address assignments 507–510
IPSec offload cards 515
migrating routers from Windows NT 4.0 or Windows 2000 513–515
name resolution 507–510
on-demand connections 481–482
one-way initiated connections 483
overview 469–470
persistent connections 481–482
process 471
security See security for remote site connectivity
server capacity 515
server configurations 512–517
server deployments 516–517
two-way initiated connections 483
VPN connections 477–480
replication, Active Directory 151–153, 163
replication, remote site connectivity
configuring 547–549
reciprocal replication 511
scheduled replication 511
replication, WINS
across LANs 196
across WANs 195
automatic partner configuration 192–193
between untrusted domains 197
convergence time 195
deploying branch offices 198
deploying concentrated user base 199
hub-and-spoke topology 194, 200–202
mapping to physical networks 197–202
Netsh tool 193, 197
overview 190–192
pull, push, or push/pull partners 193–194
T network topology 194
Request Security IPSec filter action 276
Require Security IPSec filter action 276
reservations, DHCP 92
reserved clients, DHCP 89
resource record (RR), DNS 119
Resultant Set of Policy (RSoP) 249, 307
reverse cache mode, ISA Server
described 219
hardware requirements 229
reverse lookup zones, DNS 119
RIP (Routing Information Protocol) 13
rouge DHCP servers 84
route plumbing See routing table updates
route summarization 20–21
router user accounts and groups 493–499
router-to-router connections See site-to-site connections
Routing and Remote Access
See also remote site connectivity
configuring for site-to-site connections 527–533
configuring IGMP 40
overview 375
VPN See VPN (virtual private network)
Routing and Remote Access Wizard 527
Routing Information Protocol (RIP) 13
routing IPv6 traffic over IPv4 infrastructure
6to4 for IPv6 traffic between subnets or sites 57–59
ISATAP for IPv6 traffic between subnets 59–61
overview 56–57
routing protocols for remote site connectivity 505, 540
routing strategies for TCP/IP networks
dynamic vs. static routing 11–14
hardware routers 11
overview 10–11
software-based routers 11
routing table updates
CMAK custom actions 442
Connection Manager implementation example 462
routing, VPN
configuration overview 417
configuring for clients 418–419
configuring on VPN servers 417–418
determining for clients 387–388
dynamic routers 418
static routes on servers 418
Rqc.exe (notification component) 399, 416
Rqs.exe (listener component) 399, 401, 416
RR (resource record), DNS 119
RSoP (Resultant Set of Policy) 249, 307