Overview
Exploring New Protocols
Extensible Authentication Protocol (EAP)
Allows for the Client and Server to Negotiate the Authentication Method That They Will Use
Supports Authentication by Using:
Generic token cards
MD5-CHAP
TLS
Ensures Support of Future Authentication Methods Through an API
Remote Authentication Dial-in User Service (RADIUS)
Layer Two Tunneling Protocol (L2TP)
| Function |
L2TP |
PPTP |
| Use to create an encrypted tunnel |
X |
X |
| Uses PPP |
X |
X |
| Requires IP-based transit internetwork |
|
X |
| PPP encryption |
|
X |
| IPSec encryption |
X |
Optional |
| Tunnel authentication |
X |
|
Bandwidth Allocation Protocol (BAP)
Configuring Outbound Connections
Creating a Dial-up Connection
Connecting to a Virtual Private Network
Connecting Directly
Configuring Inbound Connections
Configuring an Internet Connection Server
Configuring a Remote Access Server
Configuring a Virtual Private Network Server
Examining Remote Access Policies
Examining Remote Access Policy Evaluation
Following Policy Evaluation Logic
Examining Default and Multiple Policies
Default Remote Access Policy
Native mode (default policy denies all attempts unless User’s account is set to Allow)
Mixed mode (default policy overridden)
Multiple Policies
Creating a Remote Access Policy
Configuring User Dial-in Settings
Configuring Remote Access Policy Conditions
If the Connection Attempt...
Is Between 8 A.M.-5 P.M., Monday-Friday
AND
Is from Any IP Address That Matches 192.168.*.*
AND
Is from Any User in the Sales Group
Configuring Remote Access Profile Settings
Offer the Following...
90 Minute Connect Time
AND
4 Multilink Lines(line drops if 50% use for 10 minutes)
AND
Required IPSec Encryption
Implementing Demand-Dial Routing
Examining the Role of Connection Sharing
Configuring Connection Sharing
Implementing Connection Sharing
Configuring Network Address Translation
Examining the Role of Demand-Dial Routing
Configuring a Demand-Dial Router
Connecting the Router
Configure a static IP address and subnet mask
Configure DNS and WINS server addresses
Configuring Routing and Remote Access
Start a manually configured Routing and Remote Access server
Configure a static address pool for incoming demand-dial connections
Creating a Demand-Dial Interface
Configuring Static IP Routes
Using the change user Command