UEU-co logo


Previous Page Next Page

Part III: Advanced Networking


Hour 17 Remote Access and Virtual Private Networking


Hour 18 Implementing Network Routing


Hour 19 Implementing Terminal Services


Hour 20 Understanding WINS

Hour 17. Remote Access and Virtual Private Networking

What You’ll Learn in This Hour:

Microsoft has combined a number of connectivity services and security features into the Network Policy and Access Services role. This role provides a number of remote connectivity possibilities, including dial-in connections and connection via virtual private networking (VPN). This hour looks at the installation and configuration of the Network Policy and Access Services role, and more specifically at remote access via dial-in and VPN connections. It also looks at some of the security measures related to remote access, including Microsoft’s implementation of a RADIUS server, the Network Policy Server (NPS). It also looks at specific authentication protocols provided by the Network Policy Server.

Understanding Microsoft Remote Access

The Network Policy and Access Services role provides a number of specific services on a server running Windows Server 2008. These services include the Network Policy Server, Routing and Remote Access, which includes the Remote Access Service (RAS). RAS can be used to configure secure Virtual Private Networking connections and traditional dial-in connections for your remote users.

By the Way

The Network Policy Server can also be configured for network access protection (NAP) for your wired network, based on health policies. This means that your network will be secured because the NAP server checks the “health” of client computers based on whether or not they are running the Windows firewall, have the latest antivirus signatures, and have the latest Windows updates. Hour 11, “Deploying Group Policy and Network Access Protection,” discusses NAP as related to health policies.

The NPS role also enables you to configure a multihomed server (a server with two or more network cards) as a fully functional router. Configuring a server running Windows Server 2008 as a router is covered in Hour 18, “Implementing Network Routing.” A server with multiple network interfaces also allows you to connect a group of computers with private IP addresses to the Internet using the Network Address Translation protocol and one public IP address (meaning the computers can share the Internet connection provided by the server). This NPS feature is examined in Hour 22, “Using Network Address Translation and Certificate Services.”

VPN also requires a multihomed computer; meaning a server with two or more network interfaces. So, you must install a second network adapter on a server that is to be used for VPN connections.

A server supplying remote access via NPS supplies a remote host with a connection to the network. It also provides the remote host with access to the same network resources that can be accessed by computers directly connected to the network. A domain controller can function as an RAS server for your domain.

Dial-up access requires the installation of communications hardware such as an analog modem (or modems in a modem pool), an ISDN modem (an ISDN terminal adapter), or some other connectivity device on the computer. The end user also uses a modem to connect to the RAS server via a network such as the Plain Old Telephone System (POTS).

VPN connections are a secure and private way for a remote user connected to the Internet to connect to your private corporate network. In effect, you are creating a private communication line over an otherwise public communication system.

Let’s take a look at adding the Network Policy and Access Services role and the services needed for remote access. We can then look at specific issues related to dial-in connections and VPNs, respectively.

Previous Page Next Page

Leave a Reply

Time limit is exhausted. Please reload the CAPTCHA.


apply_now Pepperstone Group Limited