CREATING A REMOTE ACCESS POLICY FOR DOMAIN ADMINISTRATORS IN THIS PROC...

4. Which of the following is not a component of a remote access policy?

a. Authentication protocol
b. Conditions
c. Remote access profile
d. Remote access permission

Lesson Summary

To determine the security requirements you need for your remote access server, determine which users need remote access to the network, what type of access they need, and whether different users require different degrees of access.

RRAS supports several authentication protocols, including EAP, MS-CHAP (versions 1 and 2), CHAP, SPAP, and PAP.

Remote access policies are sets of conditions that remote clients attempting to connect to the Routing and Remote Access server must meet. You can use policies to control remote access based on group membership and other criteria.

Lesson 3 Securing Remote Access


RRAS matches each connection attempt against the list of remote access policies you create on the server. The server grants access only when a connection meets all the conditions in one of the policies.

Remote access profiles are sets of attributes that RRAS applies to connections after successfully authenticating and authorizing them. You can use profiles to control when clients can connect to the network, what types of IP traffic you permit them to use, and what authentication protocols and encryption algorithms they must use.
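The policy matching summarized above can be sketched as a small model. This is an added example, not code from the book or from RRAS; it assumes that policies are checked in list order and that the first policy whose conditions all match decides the outcome, and the policy names, attribute keys and sample attempts are hypothetical.

```python
# Added example: simplified model of remote access policy evaluation (not RRAS code).
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Profile:
    hours: range = range(0, 24)                        # permitted hours of day
    auth: frozenset = frozenset({"EAP", "MS-CHAPv2"})  # permitted protocols

@dataclass(frozen=True)
class Policy:
    name: str
    conditions: tuple      # (attribute, required value) pairs; ALL must match
    grant: bool            # remote access permission
    profile: Profile = field(default_factory=Profile)

def _match(attempt, key, wanted):
    have = attempt.get(key)
    if isinstance(have, (set, frozenset)):   # e.g. group membership
        return wanted in have
    return have == wanted

def evaluate(policies, attempt):
    """Return (decision, reason) for one connection attempt."""
    for p in policies:
        if not all(_match(attempt, k, v) for k, v in p.conditions):
            continue                          # try the next policy in the list
        if not p.grant:
            return "deny", f"{p.name}: permission denies access"
        if attempt["hour"] not in p.profile.hours:
            return "deny", f"{p.name}: outside permitted hours"
        if attempt["auth"] not in p.profile.auth:
            return "deny", f"{p.name}: authentication protocol not permitted"
        return "grant", p.name
    return "deny", "no policy matched"        # default deny

# Constructed sample policies and attempts (hypothetical names).
ADMINS = Policy("Admins-VPN", (("groups", "Domain Admins"), ("port", "VPN")), True)
STAFF = Policy("Staff", (("groups", "Domain Users"),), True,
               Profile(range(8, 18), frozenset({"MS-CHAPv2"})))
BLOCK_USERS = Policy("Block-Users", (("groups", "Domain Users"),), False)

admin = {"groups": {"Domain Admins", "Domain Users"}, "port": "VPN",
         "hour": 23, "auth": "EAP"}

if __name__ == "__main__":
    print(evaluate([ADMINS, STAFF], admin))                      # granted
    print(evaluate([BLOCK_USERS, ADMINS], admin))                # shadowed by broader deny
    print(evaluate([ADMINS, STAFF], {**admin, "auth": "PAP"}))   # profile rejects PAP
```

The second call shows why policy order deserves review: a broad deny policy placed above the administrators' policy matches first and blocks them.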

Lesson 4: Troubleshooting TCP/IP Routing

The Routing and Remote Access service is one of the more complex components in Windows Server 2003. Because RRAS can perform so many functions, it has a large number of configurable settings. Even a minor misconfiguration can prevent the server from routing traffic properly. The TCP/IP implementation in Windows Server 2003 includes a variety of tools that you can use to troubleshoot RRAS and its various functions.

After this lesson, you will be able to

Use TCP/IP tools to isolate a router problem

Check an RRAS installation for configuration problems

Troubleshoot static and dynamic routing problems

Estimated lesson time: 20 minutes

Isolating Router Problems

In most cases, administrators discover router problems when communications fail between computers on the network. However, once the troubleshooter suspects that there might be a routing problem, the next step is to determine which router is malfunctioning. Some of the TCP/IP tools in the Windows operating system that can help you in this respect are discussed in the following sections.

Using Ping.exe

PING is the standard TCP/IP tool for testing connectivity; virtually every TCP/IP client includes a PING implementation. In the Windows operating systems, PING takes the form of a command line program called Ping.exe. By typing ping followed by an IP address on the command line, you can test any TCP/IP system’s connectivity with any other system.

Note

PING functions by transmitting a series of Echo Request messages containing a sample of random data to the destination you specify, using the Internet Control Message Protocol (ICMP). The system that receives the Echo Request messages is required to generate an Echo Reply message for each request that contains the same data sample and return the messages to the sender.

Compared to other tools, PING has limited utility when you are trying to locate a malfunctioning router. You might be able to ping a router’s IP address successfully even when it is not routing traffic properly. However, as part of your initial troubleshooting efforts, you can use PING to test a routed network connection in the following manner:
