Deploying Virtual Private Networks with Microsoft Windows Server 2003 (Technical Reference)
R
RADIUS (Remote Authentication Dial-In User Service)
AAA infrastructure, 89, 95, 195, 200
Access-Reject messages, 89
account databases, 31
accounting, 34
authentication, 19
certificates, 213
clients, 116
configuring, 81, 180, 272
Connection Manager, 133, 137
deployment, 114, 116, 121, 213–216, 221, 224
described, 32
dial-up connections, 270–272
domain configuration, 271
IAS, 22
interoperability, 56
IPSec, 226
lockout features, 47
ports, 95
quarantine features, 47, 133, 137
selecting, 78
shared secrets, 95
site-to-site VPNs, 177, 180, 183, 195, 200, 216
troubleshooting, 279, 283, 286, 298, 300
unable to connect problems, 298, 300
VPN routers, 221
VPN servers, 121
RADIUS Server Selection page, 137
Raise Domain Functional Level option, 132
Raise option, 132
RAS And IAS Servers Access Check object, 285, 299
RAS And IAS Servers security group, 285, 298, 299
RASAUTH component, 280
RC4 algorithm, 42, 44
Read option, 152
Ready To Build The Service Profile page, 165
Realm Name page, 160
redundancy, 229
regedit, 198
Register Server In Active Directory option, 114, 133, 224
registry. See also HKEY_LOCAL_MACHINE registry key
authentication, 290
certificates, 98, 303, 304
Connection Manager, 128
encryption, 92, 198
IgnoreNoRevocationCheck option, 290
IgnoreRevocationOffline option, 290
lockout features, 47
name resolution, 191
NoRevocationCheck option, 291
NoRootRevocationCheck option, 291
profiles, 92
site-to-site VPNs, 191, 198, 303, 304
tracing, 281
troubleshooting, 281, 290, 303, 304
Remote Access Connections (Inbound Only) option, 184
Remote Access Logging folder, 90, 195, 196, 279
Remote Access Logging option, 224
Remote Access (Dial-Up Or VPN) option, 78, 79, 179, 180
Remote Access page, 137
Remote Access Quarantine Agent, 156
Remote Access Server option, 184
Remote Access Server Setup Wizard, 308
remote access VPNs. See also Routing And Remote Access service
AAA infrastructure, 89–95
account lockout, 47
certificate infrastructure, 96–100
clients, 64–71, 250
deployment, 248, 249–251, 272
described, 13
extranets, 267
groups, 248
Internet network infrastructure, 71–73
intranet network infrastructure, 82–89
log files, 278–280, 281
Network Access Quarantine Control, 46
Network Monitor, 282
policies, 31, 48
requirements, 54–57
solutions, 57
tracing, 280–281
troubleshooting, 277–293, 296
unable to connect problems, 283–292
unable to reach locations beyond VPN servers problem, 292
Remote Authentication Dial-In User Service (RADIUS). See RADIUS (Remote Authentication Dial-In User Service)
remote procedure call (RPC). See RPC (remote procedure call)
replay attacks, 39, 103
Request A Certificate option, 208
Request New Certificate option, 106, 110
requirements
interoperability, 54–57
overview, 16
tunneling, 19
Resource Kit (Windows Server 2003), 118, 121, 124, 128, 131, 139
retinal scanners, 40. See also biometric devices
RIP (Routing Information Protocol)
configuring, 85, 88, 237–239
deployment, 234, 235, 236, 237–239
site-to-site VPNs, 192, 194, 234–239, 307–308
troubleshooting, 292, 307–308
updates, 307
Rivest-Shamir-Adleman (RSA) algorithms. See RSA (Rivest-Shamir-Adleman) algorithms
roles, selecting, 179
route add command, 87
Route IP Packets On This Interface option, 218, 221, 254–257, 261
route print command, 278
Router (Offline Request) certificate, 203, 207, 209, 211
Router (Default Gateway) page, 133
routers. See VPN routers; routing
routing. See also demand-dial routing; Routing And Remote Access service; VPN routers
auto-static propagation, 235
deployment, 122
disabling, 95
dynamic, 229–231, 232
extrapolation layers, 229
firewalls, 76
flapping, 193, 238, 240, 307
infrastructure, 88
multi-interface, 215
name resolution, 84–88
preventing traffic, 92–94
route summarization, 192, 247
site-to-site VPNs, 192–194
solutions, 229
static, 171, 192, 199–200, 229, 231–234
tables, 172, 174, 306
VPN clients, 86–88, 92–94
VPN servers, 84–88, 122
Routing And Remote Access Server Setup Wizard, 44, 78, 180. See also Routing And Remote Access service
authentication, 185
configuring routers, 216, 220
deployment, 111, 120, 215, 216, 220, 246
described, 177
IP, 111
multi-interface routing, 215
packet filtering, 187
renaming connections, 182
roles, 179
running, 120, 246
troubleshooting, 284, 286, 292, 298, 308
unable to connect problems, 298, 299
Routing And Remote Access service, 35, 84, 90, 169, 174, 177. See also Routing And Remote Access Server Setup Wizard; Routing And Remote Access snap-in
configuring, 137
Connection Manager, 137, 159
deployment, 246
firewalls, 76
packet filtering, 93
PPTP, 76
preshared keys, 202
quarantine features, 137, 159
starting, 159
stopping, 159
tracing, 280–281
troubleshooting, 280–281, 284, 297
unable to connect problems, 284, 297
VPN servers, 77
Routing And Remote Access snap-in. See also Routing And Remote Access service
accounting logs, 279
authentication logs, 279
auto-static updates, 236
demand-dial routing, 217
deployment, 121, 216–217, 234–235, 247, 254
event logs, 279
Ports object, 121
site-to-site VPNs, 216, 234–235, 299, 306, 308–309
static routing, 234, 235
troubleshooting, 279, 286, 296–300, 306, 308–309
unable to connect problems, 297, 300
Routing Information Protocol (RIP). See RIP (Routing Information Protocol)
Routing Table Update page, 162
RPC (remote procedure call), 195
Rqc.exe, 118, 124, 147, 164
Rqs.exe, 155, 156
Rqs_setup.bat, 121, 155
RSA (Rivest-Shamir-Adleman) algorithms, 42, 44