Title: Microsoft Windows 2000: Routing and Remote Access Configuration and Troubleshooting Clay Seymour Sup
1Microsoft Windows 2000 Routing and Remote
Access Configuration and Troubleshooting Clay
SeymourSupport ProfessionalMicrosoft Platforms
SupportMicrosoft Corporation
2What is Routing and Remote Access?
- Successor to Microsoft Windows NT 4.0 Remote
Access Service (RAS) - Add-on feature for Windows NT 4.0 also called
Routing and Remote Access (RRAS) - High performance service that allows one computer
to handle remote users through dial-up or VPN,
routing between branch offices, routing to the
Internet, and routing between network segments
3Configuring an RRAS Server
- Open the Routing and Remote Access tool from
Administrative Tools - Right-click on your server name to run the wizard
4Options for Configuring RRAS
- The wizard will prompt to choose from one of the
five options below, covered in the following
slides
5Internet Connection Server
- This option walks you through setting up Network
Address Translation - If you are not in a domain, it will ask if you
want to set up simple ICS instead - Allows you to create a demand dial connection to
your ISP - Asks if you want to set up the DHCP Allocator and
DNS Proxy
6Address Pool
- Configured after the wizard
- Properties of external network interface
7Address Pool (2)
- IP to IP mapping Terminal Server,
multipurpose server
8Special Ports
- Configured after wizard
- Properties of external network interface
- Port to IP mapping FTP server, WWW server
9Remote Access Server
- This option helps configure a RAS server
- If you are not in a domain, it will ask if you
want to set up simple incoming connections
instead - Allows you to select how you want to handle IP
address assignment - Asks if you want to use a radius server for
authentication (IAS)
10Remote Access Server (2)
- It will set up all modem and ISDN devices for
dial-in, and also five PPTP and five L2TP
connections (you can add more later) - Configures DHCP relay agent automatically so RAS
clients will use DHCP inform - Configures IGMP so RAS clients can run multicast
applications over their connection - Configures a default Remote Access Policy
11Virtual Private Network Server
- This option helps configure a VPN server
- Asks similar questions to RAS server setup
- Asks for which interface is your Internet
connection - Must have an Internet connection through a
network card - Will not work if you have only one network card
in the computer
12Virtual Private Network Server (2)
- Configures 128 PPTP and 128 L2TP connections (you
can change this later) - Configures DHCP Relay, IGMP, and RAS policies
just like RAS server - Configures IP filters on the selected Internet
interface so it accepts only PPTP and L2TP
connections
13Network Router
- Configures a basic IP or IPX network router
- Allows you to configure for demand-dial
connections - You must add and configure routing protocols
later (IGMP, NAT, DHCP, RIP, OSPF)
14Manually Configured Server
- Use this option if you just want to start RRAS
with default options - Routing for LAN and demand-dial is turned on
- RAS server with default settings is installed
- Configures DHCP Relay, IGMP, and RAS policies,
just like RAS server - Configures for five PPTP and five L2TP connections
15Important to Remember
- After you have run the RRAS wizard and configured
your server, you can still change it later - You can easily make a VPN-only server a RAS
server or router later on by removing the IP
filters - You can add additional routing protocols after
you are configured for NAT
16Remote Access Server Setup with PPTP, L2TP, ISDN,
and Modems
17Troubleshooting Common Issues
- General issues
- VPN/routing Issues
- NAT issues
18General Issues
- Manually configured server
- Remote registry service
- DOD static route
- Browsing
19VPN/Routing Issues
- Firewalls/routers must allow GRE traffic on port
1723 - Use the same IP scheme as the local network for
RRAS - PPP logging - Q234014
-
20VPN/Routing Issues (2)
- Set adapter to use internal interface
21Troubleshooting NAT
- NAT address assignment and name resolution
22Troubleshooting NAT (2)
- Internet connection sharing cannot be used in
conjunction with NAT - Public and private interface
- Obvious but common be sure the adapters
selected are correct
23Where To Go for More Information
- Windows 2000 Help
- Easily accessed in Windows 2000
- Also available online at http//www.microsoft.com/
windows2000/techinfo/proddoc/default.asp - Windows 2000 Resource Kit documentation
- Windows 2000 white papers at http//www.microsoft.
com/technet/win2000 - More information on Windows 2000 can be found at
http//www.microsoft.com/windows2000 - Older information on RRAS, RAS, VPN at
http//www.microsoft.com/ntserver/techresources/co
mmnet/default.asp
24Thank you for joining us for todays Microsoft
Support WebCast. For information about all
upcoming Support WebCasts and access to the
archived content (streaming media files,
PowerPoint slides, and transcripts), please
visit http//support.microsoft.com/webcasts/ We
sincerely appreciate your feedback. Please send
any comments or suggestions regarding the
Support WebCasts to feedback_at_microsoft.com and
include Support WebCasts in the subject line.