Managing Outgoing Connections


You can configure your Windows XP Professional based computer to initiate a remote connection. Such a connection can be any one of a number of different types, including:

  • A dial-up connection to the Internet, using analog modem, ISDN, or X.25.

  • A broadband connection to the Internet, using PPPoE, cable modem, DSL, or a leased line.

  • A direct dial-up or broadband connection to a private network.

  • A VPN connection, using the Internet to exchange data with a private network.

It is also possible to use your Windows XP Professional based computer to establish a connection locally with another device in your office.

Local area connections can be configured at any time. The network adapter is detected; the connection is created and placed in the Network Connections folder.

Along with a display of existing connections, the Network Connections folder contains a list of network tasks including Create a new connection, which you can double-click to start the New Connection Wizard. Use the New Connection Wizard to create dynamic connections, including Internet connections, VPN connections to the workplace, direct connections to another computer, and incoming connections. Outgoing connections contact a remote access or VPN server by using a configured access method, such as a LAN, dial-up modem, or ISDN line, to establish a connection with the network.

Whether you are connected locally (by a LAN), remotely (by dial-up, ISDN, and so on), or both, you can configure a connection so that it performs any network function that you want. For example, you can print to network printers, access network drives and files, browse other networks, and access the Internet. If you are upgrading to Windows XP Professional from Microsoft Windows Millennium Edition (Me), Microsoft Windows 98 or Microsoft Windows NT Workstation version 4.0, Network Connections dynamically detects Dial-up Networking phone books and create a connection for each phone book entry.

Note 

Certain conditions, such as a malfunctioning network adapter, can keep your connection from appearing in the Network Connections folder.

Using the New Connection Wizard to Choose Connection Types

The New Connection icon always appears in the Network Connections folder. It starts the New Connection Wizard, which guides you through the process of creating all connection types, except for local area connections. The steps in the wizard guide you through the configuration options for each type of connection. The wizard enables you to select among three common connection types. Each connection type is then automatically configured with the most appropriate defaults for most cases. Figure 23-3 shows the three connection types: Connect to the Internet, Connect to the network at my workplace, and Set up an advanced connection.

click to expand
Figure 23-3: New Connection Wizard

Internet Connection

Select this connection type to start the Internet Connection Wizard and connect to the Internet. File and Printer Sharing for Microsoft Networks is disabled, protecting your computer s file and print shares from computers on the Internet. The Internet Connection Wizard allows you to select a dial-up or broadband connection.

Dial-up Connection

By selecting the dial-up connection you can configure your Windows XP Professional based computer to access the Internet for a finite period of time using a dial-up technology such as a dial-up analog modem, ISDN, or X.25. A modem or comparable piece of data circuit-terminating equipment (DCE) should be installed within or attached to your computer before such a logical configuration is attempted.

The Internet Connection Wizard automatically connects you to the Microsoft Referral Service to help you select an ISP if you select Dial-up to the Internet and either of the following:

  • I want to sign up for a new Internet account. (My telephone line is connected to my modem.)

  • I want to transfer my existing Internet account to this computer. (My telephone line is connected to my modem.)

The Microsoft Referral Service automates the process and provides the phone numbers to you.

Before you create an Internet connection, check with your Internet service provider (ISP) to verify the required connection settings. A connection to your ISP might require one or more of the following settings:

  • A specific IP address

  • Domain Name System (DNS) addresses and domain names

  • Other optional settings

Broadband Connection

Select Broadband Connection to configure your Windows XP Professional based computer for a persistent connection to the Internet using a faster broadband technology such as PPPoE, cable modem, DSL, or a leased line such as a T1. Unless you supply specific information about your broadband connection, Windows XP Professional dynamically detects and configures your broadband connection, assuming that the device necessary to establish such a connection is already in place.

Connecting to the Network at My Workplace

Select this connection type to connect to a private network from home, a field office, or another location.

Direct Connection

This option allows you to connect directly by dial-up or broadband into a corporate (or other private) network.

Internet Connection

This option allows you to access the corporate network by means of the Internet by creating a secure VPN connection. Depending upon how the VPN server has been configured, the VPN connection uses either PPTP or L2TP as its tunneling protocol.

Advanced Connection

Select the Advanced Connection type for two other selections.

Set Up This Computer to Accept Incoming Connections

Select this option to configure a Windows XP Professional based computer to act as a remote access server accepting incoming connections. For more information about configuring a Windows XP Professional based computer to act as a remote access server, see Managing Incoming Connection later in this chapter.

Connecting Directly to Another Computer

Select this option to connect your Windows XP Professional based computer directly to another computer by means of a parallel, serial, or infrared port-to-port connection.

You can designate your computer to act either as the Host or the Guest computer. The Host makes data available to another computer. The Guest is the computer that accesses data on the Host computer.

To connect directly to another computer

  1. In Control Panel, click Network and Internet Connections.

  2. In Network and Internet Connections, click Network Connections.

  3. In Network Connections, under Network Tasks, click Create a new connection. In the New Connection Wizard, click Next.

  4. Select Set up an advanced connection, and then click Next.

  5. In the Advanced Connection Options dialog box, select Connect directly to another computer, and then click Next.

  6. Select Host, and then click Next.

  7. In the Connection Device dialog box, select the appropriate device for this connection, and then click Next.

  8. In the Users allowed to connect dialog box, select the check box next to the name of the user to whom you want to assign the right to connect this computer, and then click Next.

    Note that a disabled account affects the user s ability to connect. (If you wish to add a user name to the account list, click Add, and then type the User name, Full name, Password and Password confirmation of the user.)

  9. In the Completing the Network Connection Wizard dialog box, type the connection name in the text box, and then click Finish.

What Can I Configure?

Group Policy enforces specified requirements for user environments. For example, by using Group Policy, you can enforce local and domain security options, specify logon and logoff scripts, and redirect user folder storage to a network location. Local Group Policy can be applied at the local computer or workgroup level. In the domain environment, Group Policy can be applied using Active Directory , the directory service included with Windows 2000.

For more information about Group Policy in Windows XP Professional, see Authorization and Access Control in this book.

Your ability to configure connections depends on several factors, including your administrative rights, whether a connection was created by using Only for myself or For all users in the New Connection Wizard, and which Group Policy settings are applied to you.

Configuration Privileges

If you are logged on as an administrator or as a member of the Network Configuration Operators local group, the New Connection Wizard prompts you to select whether a connection that you are creating is For all users or Only for myself. If you select For all users, this connection is available to any user who logs on to that computer, and only an administrator who is logged on to that computer can modify the connection. If you select Only for myself, then only you can modify or use it.

Group Policy settings, which are designed to help manage large numbers of users in enterprise environments, can be used to control access to the Network Connections folder, and the connections in it. Settings can be used that enable or disable the option to create connections, delete connections, or modify connection properties. For more information about these Group Policy settings, see Connecting Clients to Windows Networks in this book.

Note 

If you choose Log on using dial-up connection when you start your Windows XP Professional session, you see only the For all users connections. This is because before you log on, you are not authenticated to the network. After you have logged on and your identity is authenticated, you see the Only for myself connections.

Configuring Remote Connections

Because all services and communication methods are configured within the connection, you do not need to use external management tools to configure dial-up, VPN, or direct connections. For example, the settings for a dial-up connection include the features to be used before, during, and after connecting. These include the modem you use for dialing, the type of password authentication and data encryption you use upon connecting, and the remote network protocols you use after connecting.

Because settings are established per connection, you can create different connections that apply to different connection scenarios and their specific needs. For example, you can configure a connection with a static TCP/IP address when you dial into your corporate office. You might also have a connection configured for an ISP. If your ISP allocates IP addresses using PPP, set the TCP/IP settings for the connection to Obtain an IP address automatically.

Connection status, which includes the duration and speed of a connection, is viewed from the connection itself; you do not need to use an external status tool. All connections are configured by right-clicking the connection, and then clicking Properties. For more information about configuring connections, see Windows XP Professional Help and Support Center.

Configuring Advanced Settings

The settings in the Advanced menu of the Network Connections folder allow you to choose from a range of advanced settings including operator-assisted dialing, dial-up preferences, bridge creation (Layer 2 connectivity), and network identification options. Another option allows you to install optional networking components such as the Simple Network Management Protocol (SNMP) service or the printing service. You can also modify the order in which connections are used by network services, or the order in which your computer uses network protocols and providers.

Operator-Assisted Dialing

If you choose this setting, automatic dial-up settings can be overridden where intervention is required. Typically, you can use this setting where you have to call by using a manually operated switchboard to establish your dial-up connection.

Dial-up Preferences

The settings in Dial-up Preferences affect connection creation privileges, Autodial options, and callback options.

You can enable or disable Dial-up Preferences on your users desktops by using the Enable the Dial-up Preferences item on the Advanced menu Group Policy setting.

Autodial

The Autodial tab on the Dial-up Preferences page lists the available locations where you can enable Autodial. Autodial maps and maintains network addresses to connection destinations, which allows the destinations to be automatically dialed when referenced, whether from an application or from a command prompt. To enable Autodial for a location, select the check box next to the location. To disable Autodial for a connection, clear the check box next to the location.

The following is an example of how Autodial works:

  1. You are not connected to your ISP, and you click an Internet address that is embedded in a word processing document.

  2. You are asked to choose the connection used to reach your ISP, that connection is dialed, and then you access the Internet address.

  3. The next time you are not connected to your ISP and you click the Internet address in the word processing document, the connection that you selected the first time is automatically dialed.

The Autodial feature works only when the Remote Access Auto Connection Manager service is on. Remote Access Auto Connection Manager is on by default in Windows XP Professional based computers that are not members of a domain and in Microsoft Windows XP Home Edition.

To start the Remote Access Auto Connection Manager service

  1. Right-click My Computer, and then click Manage.

  2. In the details pane, right-click Remote Access Auto Connection Manager, and then click Start. In the console tree, double-click Services and Applications, and then click Services.

Callback

The Callback tab on the Dial-up Preferences page provides you with cost advantages. Callback instructs your dial-up server to disconnect your initiating call after authenticating your credentials and then call you back, thereby reducing your phone charges.

Callback behavior is determined by a combination of the settings that you specify in Network Connections, and by the user account settings you designate. Table 23-2 illustrates callback behavior based on these settings.

Table 23-2: Callback Behavior

Callback Setting on the Calling Computer

Callback Setting on the User Account

Behavior

No callback

No callback

The connection stays up.

No callback

Set by caller

The remote access server offers callback, the client declines, and the connection stays up.

No callback

Always callback to

The remote access server offers callback, the client declines, and the remote access server disconnects the connection.

Ask me during dialing when the server offers

No callback

The connection stays up.

Ask me during dialing when the server offers

Set by caller

The Callback dialog box appears on your computer. Type the current callback number in the dialog box, and then wait for the server to disconnect and return the call.

Optionally, you can press ESC at this point to cancel the callback process and remain connected.

Ask me during dialing when the server offers

Always callback to

The remote access server disconnects, and then returns the call by using the number specified on the remote access server.

Always call me back at the number(s) below

No callback

The connection stays up.

Always call me back at the number(s) below

Set by caller

The remote access server disconnects, and then returns the call, using the number specified in Network Connections.

Always call me back at the number(s) below

Always callback to

The remote access server disconnects and then returns the call by using the number specified on the remote access server.

After your call reaches the remote access server, the server determines that your user name and password are correct and then acts, based upon pre-configured Network Connections and remote access server callback settings.

Callback can also provide security advantages to your network. Requiring callback to a particular number enhances network security by ensuring that only users from specific locations can gain access to the server. Dropping the call and then immediately calling back to the pre-assigned callback number makes impersonation more difficult. You cannot use this aspect of callback if you are dialing in from multiple locations.

The settings in Callback indicate the conditions under which you want to use the feature. For example, you can configure callback to prompt you for a phone number during the dialing process, or you can specify that callback always call you back at a specific number.

Callback options can also be configured on a per-user basis on the dial-up properties of a user account. The Always Callback to server setting overrides Network Connections settings. Therefore, if you have specified Ask me during dialing when the server offers in Network Connections, but your user account designates Always Callback to (with a corresponding phone number), callback does not prompt you for a number when you dial in; it always calls you back at the number specified on the server. For more information about how to configure your callback options, see Windows XP Professional Help and Support Center.

If you have specified No callback, but the user account is set to Always Callback to, you cannot connect. With this combination of settings, the remote access server requests callback, your computer refuses, and then the remote access server disconnects your connection. If your computer is configured to accept incoming connections, you can enforce callback options on that computer. For more information about configuring incoming connections, see Managing Incoming Connections later in this chapter.

Dynamic Multiple Device Dialing

The PPP Multilink Protocol (MP), defined in RFC 1990, combines multiple physical links into a logical bundle, called multilink lines, and the resulting aggregate link increases your connection bandwidth. Network Connections can dynamically control the use of these multilink lines through a combination of support for MP and Bandwidth Allocation Protocol (BAP). BAP is a PPP control protocol that is used on an MP connection to dynamically manage links. This procedure can be accomplished by dialing over multiple ISDN, X.25, or analog modem lines.

To dial multiple devices, both your connection and your remote access server must have MP enabled. BAP enables the dynamic use of multiple-device dialing by allocating lines only as they are required, thereby limiting communications costs to the bandwidth requirements. You can realize a significant efficiency advantage by doing this. The conditions under which extra lines are dialed, and underused lines are disconnected, are configured by using the Options property page of a dial-up connection. For more information, see Windows XP Professional Help and Support Center.

Network Identification

Network Identification displays your computer name, and the workgroup or domain to which the computer belongs. You can change the name of your computer, or join a domain by changing the settings on the System Properties sheet.

To change the name of your computer

  1. In Control Panel, click Performance and Maintenance.

  2. In Performance and Maintenance, click System.

  3. Click the Computer Name tab.

  4. In the Computer description text box, you can type a name for the computer (for example, Mary s Computer ), and then click Apply.

  5. The computer name appears under Full Computer Name. To change that name, click Change.

  6. In Computer Name Changes, type the new computer name, and then click OK.

  7. In the Computer Name Changes dialog box, enter the name and password of an account with permission to rename this computer in the domain. Click OK.

Advanced Settings

Windows XP Professional uses network providers and bindings in the order specified in the Advanced Settings dialog box.

To open the Advanced Settings dialog box

  1. In Control Panel, click Network and Internet Connections.

  2. In Network and Internet Connections, click Network Connections.

  3. In Network Connections, select the appropriate LAN or High Speed Internet connection.

  4. On the Advanced drop-down menu, click Advanced Settings.

By changing your provider order, and by changing the order of protocols bound to those providers, you can improve performance. For example, suppose your LAN connection is enabled to access Novell NetWare and Microsoft Windows networks, which use IPX and TCP/IP respectively, but your primary connection is to a Microsoft Windows network that uses TCP/IP. You can move Microsoft Windows Network to the top of the Network Providers list on the Provider Order tab, and move Internet Protocol (TCP/IP) to the top of the File and Printer Sharing for Microsoft Networks binding on the Adapters and Bindings tab.

Note 

Microsoft Windows XP 64-Bit Edition does not support Client Service for NetWare.

An administrator can enable or disable the Advanced Settings option by using the Enable the Advanced Settings item on the Advanced menu setting in the Microsoft Management Console (MMC) Group Policy snap-in. For more information about Advanced Settings, see Connecting Clients to Windows Networks in this book.

Optional Networking Components

Optional networking components support network operations that are not automatically installed with Windows XP Professional. The components consist of the following:

To configure optional networking components

  1. In Control Panel, click Add or Remove Programs.

  2. In Add or Remove Programs, click Add/Remove Windows Components.

  3. In the Windows Components Wizard, select the networking components you want to add, and then click Next.

  4. When the wizard completes, click Finish.

Deploying Connection Manager

Connection Manager 1.3 is a client dialer, included in Windows XP Professional, whose several advanced features make it a superset of basic dial-up networking. Microsoft Windows 2000 Server includes a set of tools that enables a network manager to deliver pre-configured connections to network users. These tools are the Connection Manager Administration Kit (CMAK) and Connection Point Services (CPS).

Connection Manager provides support for local and remote connections to your service provider using a network of access points, such as those available worldwide by means of ISPs. If your service provider requires secure connections over the Internet, you can also use Connection Manager to establish VPN connections. Connection Manager s features are covered in greater detail in Table 23-3. Two features new to Windows XP Professional Access Points and Improved Help are included in Table 23-3.

Table 23-3: Connection Manager Features

Feature

Description

Branding

Enables the graphics, icons, messages, Help, and phone book support in Connection Manager to be customized to provide an identity that is unique to a service or corporation. For example, you can include custom logos, customer support, and phone book information to identify and represent a company.

Custom actions and monitored applications

Custom functionality, including original programs can be incorporated to enhance the connection experience of users. These programs can be automatically run at various points during the connection process, such as when users log on or log off. Monitored applications can be set up to automatically disconnect after the original program closes.

Multiple instances of Connection Manager 1.3

Allows remote users to run more than one Connection Manager service profile at a time. For example, users can run an Internet solution at the same time they run a corporate VPN tunnel.

Multiple user support for each service profile

Supports users who share computers. User profiles allow two or more people to use the same computer and the same service profile. Credentials are maintained, based on the logon ID of the user, so users do not have to re-enter them for each connection.

Simplified distribution

CMAK wizard can be used on a Windows 2000 based server to automatically build a service profile, the customized software required for a user to run Connection Manager on Windows XP Professional. The service profile is created as an executable file that can be distributed on compact disc or downloaded to the client.

Access Points

Used to save frequently used connection settings.

Improved Help

Provides informational balloon help for Access Points and Dialing Rules.

Additional Connection Manager client features introduced in Windows XP Professional include connection logging, VPN server selection, terminal window support, automatic route addition, and improved ISDN support.

CMAK

A network administrator can use CMAK to tailor the appearance and behavior of a connection made with Connection Manager. Using CMAK, an administrator can develop client dialer and connection software that allows users to connect to the network by using only the connection features that the administrator defines for them. Connection Manager supports a variety of features that both simplify and enhance implementation of connection support for you and your users, most of which can be incorporated using the CMAK wizard.

CMAK allows you to build profiles customizing the Connection Manager installation package that you deliver to your customers, so that Connection Manager reflects the identity of your organization. It allows you to determine which functions and features you want to include and how Connection Manager appears to your customers.

For more information about CMAK and the configuration of connection manager service profiles, see Customizing Connection Management and Settings in the Microsoft Internet Explorer 5 Resource Kit of the Microsoft Windows 2000 Server Resource Kit.

CPS

Connection Point Services (CPS) work in conjunction with Connection Manager to automate the process of updating users computers with new Points of Presence (POP) entries. Each POP entry supplies a telephone number that provides dial-up access to an Internet access point.

CPS consists of Phone Book Service, a tool for distributing phone books, and Phone Book Administrator, a tool for creating and maintaining your phone book files. The phone books provide users with complete POP information, so they can connect to different Internet access points rather than being restricted to a single POP during travel.

CPS eliminates a user s need to contact technical support to obtain changes in POP information and reconfigure their client dialer software.

Accessing Network Resources

Network Connections provides access to your network, based on the user name and, in the case of PPP connections, password credentials that you supply. This access does not imply privilege to use resources on the network. The network access control process confirms your access rights each time that you attempt to access any network resource. For more information about authentication and access control methods, see Authentication later in this chapter.

After you have connected to your network, access to network resources, such as files and printers, might be affected by one or more of the following administrative controls on both your own computer and on the resources you are trying to access.

File and Printer Sharing

File and Printer Sharing is established by each resource, and permissions depend on user name or group membership.

Group Policy

Group Policy enforces specified requirements for your users environments. For example, by using Group Policy, you can enforce local and domain security options, specify logon and logoff scripts, and redirect user folder storage to a network location.

Local Group Policy

Local Group Policy can be applied at the local computer or workgroup level. In the domain environment, Local Group Policy is overridden by domain-based Group Policy.

Note 

If your computer is connecting to a domain-protected network, you must have a user account on that network before you can be granted access to network resources that are protected by domain-based access control lists (ACLs).

For more information about Group Policy and Local Group Policy, see Connecting Clients to Windows Networks in this book.




Microsoft Windows XP Professional Resource Kit 2003
Microsoft Windows XP Professional Resource Kit 2003
ISBN: N/A
EAN: N/A
Year: 2005
Pages: 338
BUY ON AMAZON

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net