CHAPTER 3 : REMOTE ACCESS SOLUTION IN WINDOWS SERVER ENVIRONMENT
VIRTUAL PRIVATE NETWORK (VPN)
DEFINITION
VIRTUAL PRIVATE NETWORK IS A LOGICAL CONNECTION ON THE INTERNET FOR TRANSMITTING DATA SECURELY.
HOW IT WORKS
VPN CREATES A POINT-TO-POINT LINK BETWEEN TWO COMPUTERS ON THE WAN.
FEATURES
VPN UTILIZES TUNNELING PROTOCOLS AND DATA ENCRYPTION ALGORITHMS
VPN ENABLES REMOTE USERS TO GET CONNECTED TO AN ORGANIZATION'S NETWORK OVER THE INTERNET INFRASTRUCTURE
THIS KIND OF NETWORK IS IMPLEMENTED IN TWO WAYS:
(1) SITE TO SITE
DEFINITION
THE SITE-TO-SITE VPN ENABLES ORGANIZATIONS TO CONNECT TWO SEPARATE NETWORKS OVER THE INTERNET
HOW IT WORKS
WITH SITE-TO-SITE VPN, THESE TUNNELS GO FROM ONE LOCATION TO ANOTHER, AND THE ONLY PEOPLE WHO CAN SEE THE DATA BEING TRANSFERRED ARE USERS LOGGED ONTO THE NETWORK
FEATURES
MOBILE APPS
(2) REMOTE ACCESS
DEFINITION
THE REMOTE ACCESS VPN CONNECTS REMOTE USERS (TELECOMMUTERS) WITH THE SERVER ON THEIR ORGANIZATION'S PRIVATE NETWORK
HOW IT WORKS
REMOTE ACCESS WORKS BY CREATING A VIRTUAL CONNECTION BETWEEN THE USER AND THE REMOTE COMPUTER THROUGH AN INTERNET CONNECTION
FEATURES
REMOTE ACCESS SHOULD BE AVAILABLE FROM ANY DEVICE OR BROWSER
CONFIGURATION
THE REMOTE ACCESS CONFIGURATION OFFERS 3 CHOICES: DEPLOY BOTH VPN AND DA (DIRECTACCESS), DEPLOY DA ONLY, OR DEPLOY VPN ONLY
COMPLETE INTEGRATION PROCESS OF THE VPN SOLUTION FOR WINDOWS SERVER
ON ROLE SERVICES, SELECT DIRECTACCESS AND VPN(RAS).
CLICK NEXT TO PROCEED WITH INSTALLATION
SELECT DEPLOY VPN ONLY
CONFIGURE THE VPN BY RIGHT-CLICKING ON VAD(LOCAL) AND SELECTING THE CONFIGURE OPTION
ON SERVER ROLES SELECT REMOTE ACCESS AND PROCEED WITH THE NEXT STEP
USE THE ADD ROLES AND FEATURES WIZARD FROM SERVER MANAGER TO START THE INSTALLATION
CLICK ADD FEATURE UPON SELECTING THE DIRECTACCESS AND VPN(RAS) FROM ROLE SERVICES
SELECT CUSTOM CONFIGURATION AND CLICK NEXT
CLICK FINISH
CLICK START SERVICE TO ENABLE VPN SERVICES
RIGHT CLICK ON VAD(LOCAL) AND SELECT PROPERTIES. GO TO IPV4 TAB AND SET IPV4 ADDRESS ASSIGNMENT TO STATIC ADDRESS POOL
CLICK APPLY TO SET THE CONFIGURATION
SELECT ADAPTER TO WAN
SET THE IP ADDRESS RANGE TO THE SAME LAN SUBNET.
RESTART VPN SERVICES
ROUTING INFORMATION PROTOCOL (RIP)
DEFINITION
ROUTING INFORMATION PROTOCOL (RIP) IS A DYNAMIC ROUTING PROTOCOL THAT USES HOP COUNT AS A ROUTING METRIC TO FIND THE BEST PATH BETWEEN SOURCE AND DESTINATION NETWORK
HOW IT WORKS
RIP USES A DISTANCE VECTOR ALGORITHM TO DECIDE WHICH PATH TO PUT A PACKET ON TO GET TO ITS DESTINATION
IF A ROUTER CRASHES OR A NETWORK CONNECTION IS SEVERED, THE NETWORK DISCOVERS
ROUTER STOPS SENDING UPDATES TO ITS NEIGHBORS
STOPS SENDING AND RECEIVING UPDATES ALONG THE SEVERED CONNECTION
IF A ROUTER RECEIVES AN UPDATE ON A ROUTE, AND THE NEW PATH IS SHORTER, IT WILL UPDATE ITS TABLE ENTRY WITH THE LENGTH AND NEXT-HOP ADDRESS OF THE SHORTER PATH
FEATURES
UPDATES OF THE NETWORK ARE EXCHANGED PERIODICALLY
UPDATES (ROUTING INFORMATION) ARE ALWAYS BROADCAST
FULL ROUTING TABLES ARE SENT IN UPDATES
ROUTERS ALWAYS TRUST ROUTING INFORMATION RECEIVED FROM NEIGHBOR ROUTERS
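THE UPDATE RULE DESCRIBED UNDER HOW IT WORKS, TOGETHER WITH THE TRUST ASSUMPTION LISTED UNDER FEATURES, AS AN ADDED PYTHON EXAMPLE THAT IS NOT PART OF THE ORIGINAL MIND MAP. IT FOLLOWS THE RFC 2453 RULES (HOP COUNT 16 MEANS UNREACHABLE); THE ROUTER NAMES, PREFIXES AND THE `trusted` ALLOWLIST PARAMETER ARE ASSUMPTIONS MADE FOR ILLUSTRATION.

```python
# Added example: simplified RIP route-table update (RFC 2453 rules).
# Router names and prefixes used with it are constructed sample values.
INFINITY = 16  # RIP hop count meaning "unreachable"


def process_update(table, neighbor, advertised, trusted=None):
    """Apply one neighbor's advertised routes to `table` in place.

    table:      {prefix: (metric, next_hop)}
    advertised: {prefix: metric as seen by the neighbor}
    trusted:    optional set of neighbors allowed to send updates
                (hypothetical parameter modelling a peer allowlist).
    Returns the list of prefixes whose entry changed.
    """
    if trusted is not None and neighbor not in trusted:
        return []  # drop updates from unexpected sources
    changed = []
    for prefix, adv_metric in advertised.items():
        metric = min(adv_metric + 1, INFINITY)  # one more hop via neighbor
        current = table.get(prefix)
        if current is None:
            if metric < INFINITY:
                table[prefix] = (metric, neighbor)
                changed.append(prefix)
        elif current[1] == neighbor:
            # News from the current next hop always replaces the entry,
            # even when the path got longer or became unreachable.
            if current[0] != metric:
                table[prefix] = (metric, neighbor)
                changed.append(prefix)
        elif metric < current[0]:
            # A different neighbor offers a shorter path: switch to it.
            table[prefix] = (metric, neighbor)
            changed.append(prefix)
    return changed


def neighbor_lost(table, neighbor):
    """Mark every route through a silent neighbor as unreachable."""
    lost = [p for p, (_, hop) in table.items() if hop == neighbor]
    for prefix in lost:
        table[prefix] = (INFINITY, neighbor)
    return lost
```

WITHOUT THE ALLOWLIST, ANY SENDER THAT ADVERTISES A LOWER HOP COUNT REPLACES THE EXISTING ENTRY, WHICH IS WHY UNAUTHENTICATED RIP UPDATES ARE A ROUTING-INTEGRITY RISK.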
CONFIGURATION
RIGHT-CLICK ON IPV4 > GENERAL
SELECT NEW ROUTING PROTOCOL
RIGHT-CLICK ON IPV4 > RIP
SELECT NEW INTERFACE
SELECT THE REQUIRED INTERFACE
CLICK OK TO PROCEED
CLICK OK TO PROCEED
NETWORK POLICY SERVER (NPS)
DEFINITION
NETWORK POLICY SERVER IS A SET OF RULES TO CONTROL NETWORK ACCESS
HOW IT WORKS
TO BE GRANTED ACCESS, A USER MUST MEET THE CONDITIONS OF A CONNECTION REQUEST POLICY AND A NETWORK POLICY
FEATURES
A NETWORK POLICY CAN BE AS SIMPLE AS SPECIFYING THAT A PARTICULAR USER GROUP HAS ACCESS.
A CONNECTION REQUEST POLICY INCLUDES TYPE OF ACCESS, TIME OF ACCESS, AND WHICH AUTHENTICATION PROTOCOLS ARE AVAILABLE
NETWORK ADDRESS TRANSLATION
DEFINITION
NETWORK ADDRESS TRANSLATION IS A PROCESS IN WHICH ONE OR MORE LOCAL IP ADDRESSES ARE TRANSLATED INTO ONE OR MORE GLOBAL IP ADDRESSES AND VICE VERSA
TO PROVIDE INTERNET ACCESS TO THE LOCAL HOSTS
HOW IT WORKS
WHEN A PACKET TRAVERSES OUTSIDE THE LOCAL (INSIDE) NETWORK,
NAT CONVERTS THAT LOCAL (PRIVATE) IP ADDRESS TO A GLOBAL (PUBLIC) IP ADDRESS
WHEN A PACKET ENTERS THE LOCAL NETWORK,
THE GLOBAL (PUBLIC) IP ADDRESS IS CONVERTED TO A LOCAL (PRIVATE) IP ADDRESS
FEATURES
NETWORK ADDRESS TRANSLATION (NAT) CONSERVES IP ADDRESSES BY ENABLING PRIVATE IP NETWORKS USING UNREGISTERED IP ADDRESSES TO GO ONLINE
BEFORE NAT FORWARDS PACKETS BETWEEN THE NETWORKS IT CONNECTS, IT TRANSLATES THE PRIVATE INTERNAL NETWORK ADDRESSES INTO LEGAL, GLOBALLY UNIQUE ADDRESSES.
CONFIGURATIONS
CONFIGURE AND ENABLE ROUTING AND REMOTE ACCESS
SELECT THE INTERFACE WHICH IS CONNECTED TO THE INTERNET
CLICK FINISH TO END