Chapter 9
Remote Access and VPN
About This Chapter
Routing and Remote Access Service (RRAS) is the Microsoft Windows 2000 component that manages both routing between networks and remote access to networks. RRAS runs on a Microsoft Windows 2000 Server or Advanced Server computer and provides the following functions:
Secure dial-up access to the network through the public telephone network (using analog or ISDN modems)
Secure, encrypted communications between private networks (a Virtual Private Network)or between a client and a private networkacross a public network, usually the Internet
TCP/IP packet routing, with support for static routes and routing protocols such as Routing Information Protocol (RIP) and Open Shortest Path First (OSPF), which automate the process of discovering nearby routers and determining which routes packets should take
Network Address Translation (NAT), which allows you to share, or multiplex, a single public IP address among a number of computers on a private network, each with its own private address
This chapter concentrates on the security aspects of RRAS: securing RRAS servers and clients, authentication by the Internet Authentication Service (IAS), and creating a VPN using Layer 2 Tunneling Protocol (L2TP).
Make sure that you know how L2TP tunneling works and that it is the recommended method to link remote clients with RRAS gateways.
Before You Begin
To complete the lessons in this chapter, you will need
A computer running Windows 2000 Server
The RRAS Server component installed on the server
A modem or other remote access device
A computer with a modem to dial in to the network
Internet connections on the server and on a client for testing VPN features