Remote Access and Network Access Protection

40 terms by Dgomez1776

Create a new folder

Advertisement Upgrade to remove ads

Routing and Remote Access provide for

* VPN remote Access Server
* Dial-up remote access server

to install the routing and remote access role you need to install

Network Policy and Access Services

if you have installed and configured RRAS before, you need to reset the configuration to get RRAS to perform other functions, to reset RRAS you run.....

netsh ras set confstate=disabled

when you configure a remote access server, what happen to network traffic

network traffic to that server will be limited to VPN traffic

after you identify the external interface, what is the next step

the next step is configure how the RAS will distribute the clients IP Address

RAS can distribute IP address to clients in 3 ways

1. DHCP server
2. RAS ip generated
3. manually specified the block of address

DHCP server have a predefines user class of IP Address for RAS call

default routing and remote access class

after the IP address has been selected, the last step is

to decide the authentication mode

EAP-TLS

Extensible Authentication Protocol - Transport Level Security

what protocol is should be used if the user is able to authenticate through smart and digital certificates?

EAP-TLS

what is a server requirement for VPN to use EAP-TLS?

Server has to be part of AD DS

MS-CHAPv2

Microsoft-Challenge Authentication Protocol

MS-CHAPv2 is

is a protocol that provides mutual authentication and allows for the encryption of data and connection data

what a VPN authentication method that provide authentication using MD5 hashing?

CHAP (challenge Handshake Authentication Protocol)

what happen when PAP is used?

with PAP authentication data is not encrypted and it passes across the network in plain text.

PPTP uses what for encryption

MPPP

PPTP provides data confidentiality but no

data integrity or data origin authentication

what is the biggest benefit of using PPTP in 2k8 over other VPN protocols

PPTP does not require certificates to be installed in the client making the connection

PPTP can be use with certificate if you use ______________ for authentication

EAP-TLS

LT2P/IPsec

Layer 2 Tunneling Protocol over IPsec

LT2P/IPsec provides

* data authentication
* data anti-replay
* data origin
* encription

SSTP VPN tunnel allows traffic ....

allows traffic to pass across firewall that block traditional VPN traffic by encapsulating traffic over SSL channel of the HTTPS

SSTP can support which OS

2k8, 2k8 R2, win 7, Vista sp1

can SSTP work through a proxy that requires authentication

nope

what VPN protocol supports a VPN reconnect feature and IPv6

IKEv2

DirectAccess is

an always on, IPv6,VPN connection

which version of Win 7 can participate in DirectAccess

Win 7 enterprise and ultimate

list requirements needed before installing DirectAccess

* 2k8 R2 installed in a Domain server
* two NIC
* Digital Certificate to support server authentication

Add-WindowsFeature DAMC

this command adds the direct access management console to the system

DirectAccess is a feature or a role

DirectAccess is feature

by deploying ISATAP you

allow intranet servers and applications to be reached by tunneling IPv6 traffic over an IPv4 intranet

a NAT-PT device allows what>?

allow host that support IPv4 only addresses to be accessible to directaccess clients using IPv6

which two rules in the firewall need to be allow for the DirectAccess clients to connect to directAccess applications

allow ICMPv6 traffic by allowing:
echo request -ICMPv6 in
echo request -ICMPv6 out

UDP port 3544

teredo traffic

IPv4 protocol 41

enables 6to4 traffic

ICMPv6 and IPv4 protocol 50 is require when..

remote desktop client have IPv6 addresses

RADIUS clients are

network access servers such as VPN servers, wireless access point and 802.1x authentication switches

what is used to configure a RADIUS client

Network Policy Server Console

RADIUS proxy

RADIUS proxy route RADIUS messages between remote access server configure as RADIUS clients and the RADIUS server that performed all the authentication.

Three reasons to deploy a RADIUS proxy

1. when serving a high number of clie

Please allow access to your computer’s microphone to use Voice Recording.

Having trouble? Click here for help.

We can’t access your microphone!

Click the icon above to update your browser permissions above and try again

Example:

Reload the page to try again!

Reload

Press Cmd-0 to reset your zoom

Press Ctrl-0 to reset your zoom

It looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.

Please upgrade Flash or install Chrome
to use Voice Recording.

For more help, see our troubleshooting page.

Your microphone is muted

For help fixing this issue, see this FAQ.

Star this term

You can study starred terms together

NEW! Voice Recording

Create Set