MCSE : Security Specialist
Given a remote connectivity scenario, select the appropriate
communication approach, protocol, and settings to apply.
IP
Determine whether the remote access server will use DHCP or a static
IP address pool to obtain addresses for dial-up clients. If you use
a static IP address pool, determine whether the pool will be ranges
of addresses that are a subset of addresses from the IP network to
which the server is attached or a separate subnet. If the static IP
address pool address ranges represent a different subnet, ensure
that routes to the address ranges exist in the routers of your
intranet so that traffic to connected remote access clients is
forwarded to the remote access server.
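The pool decision described above can be checked before deployment. The following is an added example, not part of the original study notes: it classifies each static pool range as a subset of the server's attached network or as a separate subnet, and lists the prefixes that intranet routers would need routes for. The function name, network, and pool ranges are constructed for illustration.

```python
import ipaddress

def classify_pool(server_network, pool_ranges):
    """Split static pool ranges into on-subnet ranges and off-subnet routes.

    Returns (on_subnet, routes_needed): the ranges that are a subset of the
    server's attached network, and the CIDR prefixes that intranet routers
    must forward to the remote access server for every other range.
    """
    net = ipaddress.ip_network(server_network)
    on_subnet, routes_needed = [], []
    for start, end in pool_ranges:
        first, last = ipaddress.ip_address(start), ipaddress.ip_address(end)
        # summarize_address_range raises ValueError when first > last.
        blocks = list(ipaddress.summarize_address_range(first, last))
        if first in net and last in net:
            # Both ends inside a contiguous network: the whole range is a subset.
            on_subnet.append((start, end))
        elif any(block.overlaps(net) for block in blocks):
            # A range that is only partly on the attached network is ambiguous.
            raise ValueError(f"{start}-{end} is only partly inside {net}")
        else:
            # Separate subnet: routers need a route for each covering prefix.
            routes_needed.extend(str(block) for block in blocks)
    return on_subnet, routes_needed

# Constructed sample values (assumptions, not taken from the page).
SERVER_NETWORK = "192.168.10.0/24"
POOL = [
    ("192.168.10.200", "192.168.10.220"),  # subset of the attached network
    ("172.16.50.0", "172.16.50.95"),       # separate subnet
]

if __name__ == "__main__":
    on_subnet, routes = classify_pool(SERVER_NETWORK, POOL)
    for start, end in on_subnet:
        print(f"{start}-{end}: on the attached network, no extra route needed")
    for prefix in routes:
        print(f"{prefix}: add a route pointing to the remote access server")
```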
IPX
Internetwork Packet Exchange (IPX) is the traditional Novell
communications protocol that sends data packets to requested
destinations (such as workstations or servers).
An IPX network address is a hexadecimal number, one to eight digits (1
to FFFFFFFE), that identifies a specific network cable segment. IPX
network segments can process more than one frame type. Each frame
type that is used on the network is treated as a logical network
segment and requires its own IPX address—even though each frame type
is using the same network board and physical cable segment.
PPP
Point-to-Point Protocol (PPP) is a set of industry-standard framing and
authentication protocols that enable remote access solutions to
function in a multivendor network. PPP is recommended because of its
flexibility and its role as an industry standard, as well as for
future flexibility with client and server hardware and software.
PPP support enables computers to dial in to remote networks through any
server that complies with the PPP standard. PPP also enables remote
access clients to use any combination of IPX, TCP/IP, NetBEUI, and
AppleTalk. Remote access clients running Windows NT, Windows 2000,
Windows 98, and Windows 95 can use any combination of TCP/IP,
IPX, and NetBEUI, and programs written to the Windows Sockets,
NetBIOS, or IPX interface. Microsoft remote access clients do not
support the use of the AppleTalk protocol over a remote access
connection.
PPP standards are defined in Requests for Comments (RFCs), which are
published by the Internet Engineering Task Force and other working
groups.
PPP connection sequence
When you connect to a remote computer, PPP negotiation accomplishes the
following:
- Framing rules are established between the remote computer and
  server. This allows continued communication (frame transfer) to
  occur.
- The remote access server then authenticates the remote user by
  using the PPP authentication protocols (MS-CHAP, EAP, CHAP,
  SPAP, PAP). The protocols that are invoked depend on the
  security configurations of the remote client and server.
- Once authenticated, if callback is enabled, the remote access
  server hangs up and calls the remote access client.
- The Network Control Protocols (NCPs) enable and configure the
  remote client for the desired LAN protocols.
PPTP
Point-to-Point Tunneling Protocol (PPTP) is a networking technology that
supports multiprotocol virtual private networks (VPNs), enabling
remote users to access corporate networks securely across the
Internet. Unlike the Point-to-Point Protocol (PPP), which is
designed to support a dial-up network connection to the Internet,
PPTP does not rely upon a dial-up connection. It can be used to
provide secure, tunneled end-to-end Internet connections through
other remote access technologies, such as Internet access provided
through DSL.