Learn about Routing and Remote Access Service, VPN setup, network configuration, and authentication protocols for secure remote access. Understand how to configure VPN servers and manage network routes effectively.
Routing and Remote Access Service
• RRAS
• Formerly Remote Access Service in NT 4.0
Common Applications
• Two functions:
  • Accepting Inbound calls
    • Universal Gateway to your network
    • Same functionality as if they were attached to the LAN, although slower.
    • Connecting one private network to another.
  • Placing Outbound calls (DUN)
    • Dial Up Networking
    • Internet Connectivity
    • Internet Gateway utilizing NAT (Network Address Translation)
Common Applications
• Accepting VPN (virtual private network) connections from remote clients
• Running a secure private network over an insecure public network (the Internet).
• All a client needs is an Internet connection and a valid IP address; it then establishes a VPN session to the RRAS server.
• Session is secure and encrypted.
Things to consider
• How will it be utilized?
• What will be running on your DUN or VPN?
• File-based apps versus client-server apps
• Microsoft Access versus Microsoft SQL Server
  • Access requests continuously query the drive after each record search.
  • QuickBooks: file-based application. It will work, however performance will be unacceptable.
    • http://quickbooks.intuit.com/
  • Microsoft SQL Server: a query is sent to the server from a client application and the query is run at the server and results are then transmitted back to the client.
  • MAS 200 from Best Software (Peachtree Accounting)
    • Client/server version: Sage MAS 200 uses the latest thin-client architecture to deliver high-speed performance across the Internet or via a dial-up connection. (http://www.sagesoftware.com/mas90/)
COMPONENTS OF A VPN
Component: Description
• VPN server: Accepts VPN connections from a VPN client
• VPN client: Requests a VPN connection with a VPN server
• VPN connection: Portion of connection where data is encrypted
• VPN tunnel: Portion of connection where data is encapsulated
• Point-to-Point Tunneling Protocol (PPTP): Tunneling protocol
• Layer Two Tunneling Protocol (L2TP): Tunneling protocol that includes PPTP plus Layer 2 Forwarding (L2F)
STATIC AND DYNAMIC ROUTING
• Dynamic Routing on RRAS uses:
  • RIP - used for exchanging routing information among small to medium sized networks
  • OSPF - used for exchanging routing information among large to enterprise sized networks
  • IGMP Router and Proxy - used for multicast routing
  • DHCP Relay Agent - also considered a routing protocol. Routes DHCP packets between segments.
Routing Tables
• To view the table at the command prompt:
  • C:\>route print
PACKET FILTERING
• Packet filtering determines what types of packets are allowed to be transmitted both inbound and outbound.
CONFIGURING A REMOTE ACCESS POLICY
With Remote Access Policies, connections can be allowed or denied based on group membership, time of day, user attributes, type of connection, as well as other variables.
AUTHENTICATION PROTOCOLS
Authentication methods on page 1431
• Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) - typically used with smart cards.
• Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2) - Default for Microsoft, multiple
• Microsoft Challenge Handshake Authentication Protocol version 1 (MS-CHAP v1) - support for legacy systems
• Extensible Authentication Protocol-Message Digest 5 Challenge Handshake Authentication Protocol (EAP-MD5 CHAP) - similar to CHAP-2, but uses MD5 hashing and provides support for non-Microsoft clients.
• Challenge Handshake Authentication Protocol (CHAP) - compatible with non-Microsoft clients. Does not support encryption of connection data.
• Shiva Password Authentication Protocol (SPAP) - weak encryption. Does not support encryption of connection data.
• Password Authentication Protocol (PAP) - user credentials are sent over network in plain text.
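
An added example, not part of the original slides: the sketch below builds the PAP Authenticate-Request (RFC 1334) and the CHAP Challenge/Response pair (RFC 1994) to show why PAP is listed as sending credentials in plain text while CHAP sends only an MD5 digest tied to a one-time challenge. The user name, server name and password are constructed sample values.

```python
import hashlib
import hmac
import os
import struct

def pap_request(ident: int, peer_id: bytes, password: bytes) -> bytes:
    """PAP Authenticate-Request: code 1, then length-prefixed peer-id and password."""
    data = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, ident, 4 + len(data)) + data

def chap_challenge(ident: int, server_name: bytes) -> bytes:
    """CHAP Challenge: code 1, value-size, fresh random value, authenticator name."""
    value = os.urandom(16)
    data = bytes([len(value)]) + value + server_name
    return struct.pack("!BBH", 1, ident, 4 + len(data)) + data

def chap_value(ident: int, secret: bytes, challenge_value: bytes) -> bytes:
    """Response value = MD5(identifier || shared secret || challenge value)."""
    return hashlib.md5(bytes([ident]) + secret + challenge_value).digest()

def _value(packet: bytes) -> bytes:
    """Extract the length-prefixed value field that follows the 4-byte header."""
    return packet[5:5 + packet[4]]

def chap_response(peer_name: bytes, secret: bytes, challenge: bytes) -> bytes:
    """Peer side: answer with code 2 and the digest, never the secret itself."""
    ident = challenge[1]
    digest = chap_value(ident, secret, _value(challenge))
    data = bytes([len(digest)]) + digest + peer_name
    return struct.pack("!BBH", 2, ident, 4 + len(data)) + data

def chap_verify(secret: bytes, challenge: bytes, response: bytes) -> bool:
    """Authenticator side: recompute the digest for the challenge it issued."""
    if response[0] != 2 or response[1] != challenge[1]:
        return False
    expected = chap_value(challenge[1], secret, _value(challenge))
    return hmac.compare_digest(_value(response), expected)

if __name__ == "__main__":
    secret = b"Constructed-Passw0rd"  # constructed sample credential
    pap = pap_request(1, b"alice", secret)
    print("PAP packet exposes password:", secret in pap)
    ch = chap_challenge(7, b"rras-server")
    resp = chap_response(b"alice", secret, ch)
    print("CHAP response exposes password:", secret in resp)
    print("CHAP verifies:", chap_verify(secret, ch, resp))
    replayed = chap_verify(secret, chap_challenge(7, b"rras-server"), resp)
    print("Old response accepted for a new challenge:", replayed)
```

Neither exchange encrypts the data that follows authentication, which is the limitation the list notes for CHAP, SPAP and PAP.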