| < Day Day Up > |
|
Windows Server 2003 supports two VPN protocols: PPTP and L2TP/IPSec. PPTP was developed by Microsoft, and it is the default protocol. L2TP/IPSec is an Internet standard that provides interoperability with a greater number of clients.
Windows Server 2003 supports eight methods for authenticating users: EAP, MS- CHAP v2, MS-CHAP v1, CHAP, SPAP, PAP, preshared keys, and unauthenticated access.
Use EAP to authenticate users with a public key certificate or smart card. Only Windows Server 2003, Windows XP, and Windows 2000 clients support EAP.
You can configure a remote access server and clients without changing the default settings. By default, encryption is required, and MS-CHAP v2 or MS-CHAP v1 authentication will be used.
Edit the remote access server’s properties to increase or restrict the available authentication protocols. Select EAP authentication to enable authentication with public key certificates or smart cards.
User authorization can be controlled from three places: the user’s dial-up properties, a RAP configured on the remote access server, and a RAP configured on the IAS RADIUS server.
You can manually configure remote access authentication and encryption settings on individual client computers by editing the properties of the network connection.
Use the CMAK Wizard to create executable files that create preconfigured remote access connections on client computers.
| < Day Day Up > |
|