Chapter 12: Remote Access Protocols, Services, and Troubleshooting
Chapter Outline
1. On the Test
a. 2.12. Define the function of the following remote access protocols and services: RAS; PPP; PPTP; ICA.
b. 3.7. Given a remote connectivity scenario (e.g., IP, IPX, dial-up, PPPoE, authentication, physical
connectivity, etc.), configure the connection.
c. 4.3. Given a troubleshooting scenario involving a remote connectivity problem (e.g., authentication
failure, protocol configuration, physical connectivity), identify the cause of the problem.
2. Understanding Remote Access
a. Remote access is the process of gaining access to some type of network remotely, or from a distant
location.
b. Once the user is authenticated, she or he may or may not be required to log on a second time through the
appropriate network client, i.e., the Novell Client for NetWare Networks or the Microsoft Client for
Microsoft Networks.
c. Once users are authenticated, they have access to network resources, just like any other network client.
d. When using remote access, there are two components to consider: the remote access server and the
remote access client.
3. Remote Access Server (RAS)
a. Almost all major manufacturers of networking operating systems, such as Microsoft and Novell, make a
remote access component that can be installed on their servers.
b. Once they are installed and configured, remote access clients have the ability to connect to the server
and then access the network.
4. RAS Installation
a. When you install the Routing and Remote Access Service (RRAS) on a Windows 2000 server, you
enable support for both multiprotocol routing and remote access.
b. The multiprotocol routing component enables the server to act as a static router, making routing
decisions for the AppleTalk, IPX, and IP protocols, through manually configured routing tables.
5. RAS Configuration
Once the advanced RRAS service has been successfully completed, you have the option of making changes
to the server’s configuration.
6. Security
a. The Security screen determines the type of authentication that will be provided for dial-up clients.
b. You can also choose the authentication method that you want to use. Some examples are:
i. Extensible authentication protocol (EAP)
ii. Microsoft encrypted authentication version 2 (MS-CHAP v2)
iii. Microsoft encrypted authentication (MS-CHAP)
iv. Encrypted authentication (CHAP)
v. Shiva Password Authentication Protocol (SPAP)
vi. Unencrypted password (PAP)
c. You may also choose to allow clients to connect without authentication.
d. The exact authentication method you choose will be determined by the type of client that is connecting, the
protocols used, etc.
7. IP. The IP property sheet allows you to enable IP routing along with several other IP based options.
8. PPP
a. At the PPP screen, you can enable an RRAS server to support the Point-to-Point Protocol (PPP), and set
several other options.
b. Multilink allows you to connect multiple adapters to multiple lines in order to take advantage of the
bandwidth of more than one line. If you want to use multilink over a dial-up connection, the following
rules apply:
i. The ISP you are dialing into must support the synchronization of multiple modems.
ii. You will need to install multiple modems.
iii. You will need to plug a separate phone line into each modem.
c. An exception to this rule is ISDN. One ISDN adapter can act as more than one device because ISDN
includes two 56Kbps B channels.
d. Each of these channels can be used independently of the other, essentially creating two separate physical
devices.
e. A multilink connection can be used to combine multiple ISDN B channels of a Basic Rate Interface
(BRI) connection.
f. You may also select to use Bandwidth Allocation Protocol (BAP) and Bandwidth Allocation Control
Protocol (BACP) to allow for dynamic control of the multilink bandwidth. Both BAP and BACP are
able to adapt to changing bandwidth conditions. BAP provides all of the parameters necessary to allow
the client and server to negotiate when using multilink.
9. Event Logging
a. The Event Logging property sheet allows you to determine whether or not errors and warnings should be
logged and the amount of information that is logged by each.
b. You can also enable or disable the logging of PPP events.
10. Remote Access Client
a. From a hardware point of view, the client must have a modem installed and the modem must be
connected to a phone line.
b. Once these physical requirements are met, a dial-up connection is established using system supplied
software.
c. Your dial-up connection has a number of properties that can be changed to help connect to an RRAS
server. Examples include:
i. General: Allows you to change the area code or phone number that is being dialed.
ii. Options: Can be used to change dialing and redialing options.
iii. Security: Used to set security validation options, such as using an unsecure versus a secure password for
logon.
iv. Networking: Displays the networking components, such as clients, protocols, and services, that are being used to
make the connection to the RRAS server.
v. Sharing: Allows you to enable and disable Internet connection sharing.
11. Serial Line Internet Protocol (SLIP)
a. For the RRAS server and client to communicate with each other, they must use a protocol.
b. SLIP is a TCP/IP-based protocol that allows the client and server to talk with each other.
c. SLIP connections are now an older technology with many limitations.
d. SLIP is being replaced by a newer technology, the point-to-point protocol (PPP).
12. Point-to-Point Protocol (PPP)
a. Point-to-Point Protocol (PPP) is also a serial communications-based protocol that allows a dial-up client
to access an RRAS server.
b. PPP provides error-checking features that SLIP does not, and it has the ability to share a data line.
c. PPP can handle synchronous and asynchronous communications.
d. PPP has the added advantage of allowing you to use more than one protocol. While SLIP can only
transport TCP/IP traffic, PPP can transport TCP/IP, IPX/SPX, and even AppleTalk traffic.
e. All of these protocols can be transported at the same time using PPP’s multiprotocol transport
mechanism.
f. PPP also provides additional security through the use of both Password Authentication Protocol (PAP)
and Challenge-Handshake Authentication Protocol (CHAP).
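An added example (not part of the original outline) contrasting the two PPP authentication methods named above: it builds a PAP Authenticate-Request as laid out in RFC 1334 and a CHAP challenge/response as laid out in RFC 1994, then checks what each frame exposes on the line. The user name, password and server name are constructed sample values.

```python
import hashlib
import hmac
import os
import struct

def pap_authenticate_request(ident: int, peer_id: bytes, password: bytes) -> bytes:
    """PAP Authenticate-Request (code 1): the password travels unmodified."""
    data = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, ident, 4 + len(data)) + data

def chap_challenge(ident: int, name: bytes, value: bytes = b"") -> bytes:
    """CHAP Challenge (code 1); a random 16-byte value unless one is supplied."""
    value = value or os.urandom(16)
    data = bytes([len(value)]) + value + name
    return struct.pack("!BBH", 1, ident, 4 + len(data)) + data

def chap_response(challenge_pkt: bytes, name: bytes, secret: bytes) -> bytes:
    """CHAP Response (code 2): MD5(identifier || secret || challenge value)."""
    ident = challenge_pkt[1]
    value = challenge_pkt[5:5 + challenge_pkt[4]]
    digest = hashlib.md5(bytes([ident]) + secret + value).digest()
    data = bytes([len(digest)]) + digest + name
    return struct.pack("!BBH", 2, ident, 4 + len(data)) + data

def chap_verify(challenge_pkt: bytes, response_pkt: bytes, secret: bytes) -> bool:
    """Server side: recompute the digest for the challenge it issued."""
    code, ident, length = struct.unpack("!BBH", response_pkt[:4])
    if code != 2 or length != len(response_pkt) or ident != challenge_pkt[1]:
        return False
    got = response_pkt[5:5 + response_pkt[4]]
    value = challenge_pkt[5:5 + challenge_pkt[4]]
    want = hashlib.md5(bytes([ident]) + secret + value).digest()
    return hmac.compare_digest(got, want)

# Constructed sample credentials, for illustration only.
USER, SECRET = b"dialup-user", b"Example-Passw0rd"

if __name__ == "__main__":
    pap = pap_authenticate_request(1, USER, SECRET)
    print("PAP frame contains the password:", SECRET in pap)
    chal = chap_challenge(7, b"rras-server")
    resp = chap_response(chal, USER, SECRET)
    print("CHAP frame contains the password:", SECRET in resp)
    print("CHAP response verifies:", chap_verify(chal, resp, SECRET))
    fresh = chap_challenge(7, b"rras-server")
    print("Old response against a new challenge:", chap_verify(fresh, resp, SECRET))
```

The last line shows why the server issues a fresh challenge each time: a response captured from one session does not verify against the next challenge.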
13. Point-to-Point Tunneling Protocol (PPTP)
a. The Point-to-Point Tunneling Protocol (PPTP) was designed as a more secure way of transmitting
messages across the Internet.
b. PPTP is commonly used to create Virtual Private Networks (VPNs).
14. Independent Computing Architecture (ICA) Protocol
a. Independent Computing Architecture (ICA) is a Presentation layer protocol that allows any Microsoft
Windows client to act as a thin client.
b. That means that the client computer, even though it has a hard drive and its own processing power,
connects to a central server, which actually runs the application.
c. All keystrokes and mouse movements and strokes on the client are transmitted to the server where they
are executed.
d. The server responds by sending screen updates back to the client computer. These screen updates are
displayed in one or more windows on the client PC.
15. Troubleshooting RAS Problems
a. The important thing to remember about the RAS environment is that standard networking rules apply.
b. This means that the client computers must have some type of network adapter, in this case a modem.
c. The client computer must be running the appropriate client software and network protocol.
16. Authentication Failure
a. When an authentication failure occurs, always ensure you are typing the correct user name and
password.
b. Although user names are generally not case sensitive, passwords are, so make sure the Caps Lock key is
not engaged and try again.
c. If you are still unable to authenticate, check with the server administrator to make sure your account has
not been locked out or changed in any way.
d. Have the administrator reset the password and try again.
e. Another area to check is the type of security and protocols that are being used.
f. The client and the server must be able to speak the same language in order to authenticate your request
to log on to the server.
g. Make sure you have physical connectivity to the server.
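An added troubleshooting example (not part of the original outline) for items e and f above: it reads the Authentication-Protocol option (type 3) from a PPP LCP Configure-Request and reports whether the client is allowed to use the method the server asks for. The sample packet is constructed, the method names follow the list in section 6, and only a single negotiation round is modelled.

```python
import struct

# LCP option 3 values (protocol, CHAP algorithm) -> names used in this outline.
AUTH = {
    (0xC227, None): "EAP",
    (0xC223, 0x81): "MS-CHAP v2",
    (0xC223, 0x80): "MS-CHAP",
    (0xC223, 0x05): "CHAP",
    (0xC027, None): "SPAP",
    (0xC023, None): "PAP",
}

def lcp_auth_option(packet: bytes):
    """Return the method requested in an LCP Configure-Request/Nak, or None."""
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if code not in (1, 3) or length > len(packet):
        raise ValueError("not a complete LCP Configure-Request/Nak")
    pos = 4
    while pos + 2 <= length:
        opt_type, opt_len = packet[pos], packet[pos + 1]
        if opt_len < 2 or pos + opt_len > length:
            raise ValueError("malformed LCP option")
        if opt_type == 3 and opt_len >= 4:
            proto = struct.unpack("!H", packet[pos + 2:pos + 4])[0]
            algo = packet[pos + 4] if proto == 0xC223 and opt_len >= 5 else None
            return AUTH.get((proto, algo), f"unknown 0x{proto:04x}")
        pos += opt_len
    return None

def diagnose(server_request: bytes, client_methods: set) -> str:
    """Say whether the client can satisfy the server's requested method."""
    method = lcp_auth_option(server_request)
    if method is None:
        return "server requests no authentication"
    if method in client_methods:
        return f"agree on {method}"
    return f"mismatch: server wants {method}, client allows {sorted(client_methods)}"

# Constructed Configure-Request: MRU option (type 1), then Auth-Protocol MS-CHAP v2.
SAMPLE = bytes.fromhex("0101000d" "010405dc" "0305c22381")

if __name__ == "__main__":
    print(diagnose(SAMPLE, {"CHAP", "PAP"}))
    print(diagnose(SAMPLE, {"MS-CHAP v2", "EAP"}))
```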
17. Protocol Configuration
a. Since one of the primary uses of RRAS is to enable Internet connectivity, all RRAS servers will
generally use the TCP/IP protocol.
b. Therefore, the TCP/IP protocol must be installed on the client computer.
c. You may or may not be required to manually configure your TCP/IP addressing parameters. If you are,
the standard rules concerning address class, subnet mask, etc., must be followed.
d. The information must be entered correctly into the correct boxes and all settings, to include DNS
servers, must be assigned.
e. In cases where you are required to statically or manually assign IP addressing information, your ISP
should provide you with written instructions.
f. Today, most ISPs will assign IP addresses to client computers dynamically. That means that when you
log on to the RRAS server, the server will pass all of the addressing parameters to the client.
g. The client must still have the TCP/IP protocol installed and it must be configured to automatically
accept IP addressing.
h. You may also be required to configure the client software on the computer to designate if the computer
belongs to a Windows domain or workgroup.
18. Physical Connectivity
a. If your dial-up connection was working correctly and suddenly stopped, begin by conducting some
simple checks of the modem and phone line.
b. Although features vary from brand to brand and model to model, most modems contain one or more
lights that will give you an idea whether the problem is with the modem, the telephone line, or the
computer.
c. Some of the status lights that are common on most modems include:
i. Activity
ii. TX and RX
d. If the lights are not lit, follow these steps to check the Device Manager utility to ensure the network card
is configured correctly.
e. Check the status of the adapter to ensure it is functioning correctly.
f. Finally, check the telephone wiring at your home or office.