to install the routing and remote access role you need to install
Network Policy and Access Services
if you have installed and configured RRAS before, you need to reset the configuration to get RRAS to perform other functions, to reset RRAS you run.....
netsh ras set confstate=disabled
when you configure a remote access server, what happen to network traffic
network traffic to that server will be limited to VPN traffic
after you identify the external interface, what is the next step
the next step is configure how the RAS will distribute the clients IP Address
RAS can distribute IP address to clients in 3 ways
1. DHCP server
2. RAS ip generated
3. manually specified the block of address
DHCP server have a predefines user class of IP Address for RAS call
default routing and remote access class
what protocol is should be used if the user is able to authenticate through smart and digital certificates?
is a protocol that provides mutual authentication and allows for the encryption of data and connection data
what a VPN authentication method that provide authentication using MD5 hashing?
CHAP (challenge Handshake Authentication Protocol)
what happen when PAP is used?
with PAP authentication data is not encrypted and it passes across the network in plain text.
what is the biggest benefit of using PPTP in 2k8 over other VPN protocols
PPTP does not require certificates to be installed in the client making the connection
SSTP VPN tunnel allows traffic ....
allows traffic to pass across firewall that block traditional VPN traffic by encapsulating traffic over SSL channel of the HTTPS
list requirements needed before installing DirectAccess
* 2k8 R2 installed in a Domain server
* two NIC
* Digital Certificate to support server authentication
by deploying ISATAP you
allow intranet servers and applications to be reached by tunneling IPv6 traffic over an IPv4 intranet
a NAT-PT device allows what>?
allow host that support IPv4 only addresses to be accessible to directaccess clients using IPv6
which two rules in the firewall need to be allow for the DirectAccess clients to connect to directAccess applications
allow ICMPv6 traffic by allowing:
echo request -ICMPv6 in
echo request -ICMPv6 out
RADIUS clients are
network access servers such as VPN servers, wireless access point and 802.1x authentication switches
RADIUS proxy route RADIUS messages between remote access server configure as RADIUS clients and the RADIUS server that performed all the authentication.