Managing Remote Access Services

In this section, you will manage remote access services, such as dial-up and VPN.

This section corresponds to Chapter 7, “Managing Remote Access Services,”

in the MCSA/MCSE: Windows Server 2003 Network Infrastructure Implemen-tation, Management, and Maintenance Study Guide.

You will perform the following labs:

Exercise 7.1: Installing the Routing and Remote Access Services

Exercise 7.2: Controlling Multilink for Incoming Calls

Exercise 7.3: Configuring Incoming Connections

Exercise 7.4: Installing the Routing and Remote Access Services as a VPN Server

Exercise 7.5: Changing Remote Access Logging Settings

Exercise 7.6: Installing and Configuring the DHCP Relay Agent on an RRAS Server

Exercise 7.7: Configuring the DHCP Relay Agent on a Network Interface

Exercise 7.1: Installing the Routing and Remote Access Services

In this lab, you will enable routing and remote access on the server.

5024m02.fm Page 58 Friday, October 29, 2004 1:09 PM

Managing Remote Access Services 59

1. Open the RRAS MMC console by selecting Start  Administrative Tools  Routing And Remote Access.

2. Select the server in the left pane of the MMC. Right-click the server and choose Configure And Enable Routing And Remote Access. The RRAS Setup Wizard appears. Click the Next button.

3. On the Common Configuration page of the wizard, select the Remote Access (Dial-Up Or VPN) radio button and then click the Next button

4. The Remote Access page appears, allowing you to select a VPN server and/or a dial-up server. Check both checkboxes.

5. Choose any interface for the VPN. Click Next.

6. The IP Address Assignment page appears. To use DHCP (either a DHCP server on your net-work or the built-in address allocator), leave the Automatically radio button selected. Click the Next button.

7. The Managing Multiple Remote Access Servers page appears. You use this page to config-ure your RRAS server to work with other RADIUS-capable servers on your network. In this case, you don’t want to use RADIUS, so leave the No, Use Routing And Remote Access To Authenticate Connection Requests button selected and then click the Next button.

8. The summary page appears. Click the Finish button to start the RRAS service and prepare your server to be configured.

9. Leave the window open for the next lab.

Exercise 7.2: Controlling Multilink for Incoming Calls

In this lab, you will disable and then re-enable multilink.

1. In the RRAS window, right-click the server in the left pane of the MMC and choose Prop-erties. The server Properties dialog box appears.

2. Click the PPP tab.

3. Turn multilink capability off by making sure the Multilink Connections checkbox is unchecked. To turn it back on, simply check the checkbox.

4. If you decide to turn multilink capability on, you should also enable the use of BAP/BACP to make it easier for your server to adjust to the load placed on it. To do so, make sure the Dynamic Bandwidth Control Using BAP Or BACP checkbox is marked.

5. Click the OK button.

6. Close the RRAS window and return to the lab selection screen.

5024m02.fm Page 59 Friday, October 29, 2004 1:09 PM

60 Module 2
Windows Server 2003 Network Infrastructure Implementation

Exercise 7.3: Configuring Incoming Connections

In this lab, you will ensure that incoming connections are enabled.

1. In the RRAS window, right-click the server in the left pane of the MMC and choose Prop-erties. The server Properties dialog box appears.

2. Click the IP tab. Verify that both the Enable IP Routing and the Allow IP-Based Remote Access And Demand-Dial Connections checkboxes are marked.

3. Click the OK button. After a brief pause, the Properties dialog box disappears and your changes become effective.

Exercise 7.4: Installing the Routing and Remote Access Services as a VPN Server

In this lab, you will enable RRAS as a VPN server.

1. Open the RRAS window. In the RRAS window, select the server in the left pane of the MMC. Right-click the server and choose Configure And Enable Routing And Remote Access. The RRAS Setup Wizard appears. Click the Next button.

2. In the Configuration page of the wizard, select the Remote Access (Dial-Up Or VPN) radio button, and then click the Next button.

3. On the Remote Access page, check the VPN checkbox. Click the Next button.

4. On the VPN Connections page, leave the default setting and click the Next button.

5. The IP Address Assignment page appears. If you want to use DHCP (either a DHCP server on your network or the built-in address allocator), leave the Automatically radio button selected. If you want to pick out an address range, select the From A Specified Range Of Addresses button. Click the Next button.

If you choose to use static addressing, at this point the wizard will give you the opportunity to define one or more address ranges to be assigned to remote clients.

6. On the Managing Multiple Remote Access Servers page, leave the No, Use Routing And Remote Access To Authenticate Connection Requests button selected and click the Next button.

7. On the summary page, click the Finish button to start the RRAS service and prepare your server to be configured.

8. Leave the window open for the next lab.

5024m02.fm Page 60 Friday, October 29, 2004 1:09 PM

Managing Remote Access Services 61

Exercise 7.5: Changing Remote Access Logging Settings

In this lab, you will change RRAS logging settings.

1. In the RRAS window, expand the server and select the Remote Access Logging node. The right-hand MMC pane lists the log files on that server.

2. Locate the log file named Local File and then open its Properties dialog box by right-clicking it and choosing Properties.

3. The Local File Properties dialog box appears. On the Settings tab, make sure the Account-ing Requests and Authentication Requests checkboxes are marked.

4. Switch to the Log File tab. Select an appropriate time period for log rollover by choosing one of the radio buttons in the Create A New Log File control group.

5. Click the OK button.

6. Leave the window open for the next lab.

Exercise 7.6: Installing and Configuring the DHCP Relay Agent on an RRAS Server

In this lab, you will install and configure the DHCP relay agent, which is necessary if your DHCP server is not located on the local network.

1. In the RRAS window, expand the server, IP Routing, then General.

2. Right-click the General node and choose New Routing Protocol. The New Routing Proto-col dialog box appears.

3. Select DHCP Relay Agent from the list of routing protocols and then click the OK button.

4. The IP Routing node will now have a child node named DHCP Relay Agent. Select it and choose Properties to open its Properties dialog box.

5. In the DHCP Relay Agent Properties dialog box, add the IP addresses of the DHCP servers you want DHCP requests forwarded to and then click the OK button. For purposes of this simulation, any IP address will do.

6. Leave the window open for the next lab.

Exercise 7.7: Configuring the DHCP Relay Agent on a Network Interface

In this lab, you will configure the DHCP relay that you created in the previous lab.

1. In the RRAS window, verify that the DHCP relay agent is installed. If it is not, refer to Exer-cise 7.6.

2. Right-click the DHCP Relay Agent item and choose New Interface.

5024m02.fm Page 61 Friday, October 29, 2004 1:09 PM

62 Module 2
Windows Server 2003 Network Infrastructure Implementation

3. The New Interface For DHCP Relay Agent dialog box appears, listing each of the interfaces to which you could attach the relay agent. Select Local Area Connection and click the OK button.

4. The interface-specific Properties dialog box appears. If you have a DHCP server on your local network, increase the boot threshold to 5 seconds; if you don’t, decrease it to 0.

5. Click the OK button. Note that the list of DHCP relay agent interfaces has been updated to reflect the new interface. Leave the RRAS window open for the next exercise.

Managing User Access to Remote Access