Beruflich Dokumente
Kultur Dokumente
Protocol/Internet Protocol (TCP/IP) to interconnect various defense department computer networks. The
Internet, an international Wide Area Network, uses TCP/IP to connect government and educational
institutions across the world. TCP/IP is also in widespread use on commercial and private networks. The
TCP/IP suite includes the following protocols
Network Layer
DHCP Dynamic Host Configuration Protocol
DVMRP Distance Vector Multicast Routing Protocol
ICMP/ICMPv6 Internet Control Message Protocol
IGMP Internet Group Management Protocol
IP Internet Protocol version 4
IPv6 Internet Protocol version 6
MARS Multicast Address Resolution Server
PIM Protocol Independent Multicast-Sparse Mode (PIM-SM)
RIP2 Routing Information Protocol
RIPng for IPv6 Routing Information Protocol for IPv6
RSVP Resource ReSerVation setup Protocol
VRRP Virtual Router Redundancy Protocol
Transport Layer
ISTP
Mobile IP Mobile IP Protocol
RUDP Reliable UDP
TALI Transport Adapter Layer Interface
TCP Transmission Control Protocol
UDP User Datagram Protocol
Van Jacobson compressed TCP
XOT X.25 over TCP
Session Layer
BGMP Border Gateway Multicast Protocol
Diameter
DIS Distributed Interactive Simulation
DNS Domain Name Service
ISAKMP/IKE Internet Security Association and Key Management Protocol and
Internet Key Exchange Protocol
iSCSI Small Computer Systems Interface
LDAP Lightweight Directory Access Protocol
MZAP Multicast-Scope Zone Announcement Protocol
NetBIOS/IP NetBIOS/IP for TCP/IP Environment
Application Layer
COPS Common Open Policy Service
FANP Flow Attribute Notification Protocol
Finger User Information Protocol
FTP File Transfer Protocol
HTTP Hypertext Transfer Protocol
IMAP4 Internet Message Access Protocol rev 4
IMPPpre/IMPPmes Instant Messaging and Presence Protocols
IPDC IP Device Control
IRC ·Internet Relay Chat Protocol
ISAKMP Internet Message Access Protocol version 4rev1
ISP
NTP Network Time Protocol
POP3 Post Office Protocol version 3
Radius Remote Authentication Dial In User Service
RLOGIN Remote Login
RTSP Real-time Streaming Protocol
SCTP Stream Control Transmision Protocol
S-HTTP Secure Hypertext Transfer Protocol
SLP Service Location Protocol
SMTP Simple Mail Transfer Protocol
SNMP Simple Network Management Protocol
SOCKS Socket Secure (Server)
TACACS+ Terminal Access Controller Access Control System
TELNET TCP/IP Terminal Emulation Protocol
TFTP Trivial File Transfer Protocol
WCCP Web Cache Coordination Protocol
X-Window X Window
Routing
BGP-4 Border Gateway Protocol
EGP Exterior Gateway Protocol
EIGRP Enhanced Interior Gateway Routing Protocol
HSRP Cisco Hot Standby Router Protocol
IGRP Interior Gateway Routing
NARP NBMA Address Resolution Protocol
NHRP Next Hop Resolution Protocol
OSPF Open Shortest Path First
TRIP Telephony Routing over IP
Tunneling
ATMP Ascend Tunnel Management Protocol
L2F The Layer 2 Forwarding Protocol
L2TP Layer 2 Tunneling Protocol
PPTP Point to Point Tunneling Protocol
Security
AH Authentication Header
ESP Encapsulating Security Payload
TLS Transport Layer Security Protocol
You may have two options to setup VPN server on Windows 2003. 1) Create an incoming
networking connection if you have small network or you want to setup one PC to PC
VPN; 2) If you have large numbers of incoming connections on a server that operates as
part of a distributed network or as a domain controller, you should use RRA to create a
VPN server.
Server setup
Configure both network cards with static IP addresses, one with an internal IP of your
LAN, while the other with a public IP. You also need a firewall in between to ensure that
your LAN is secure from external access. Then from your Windows 2003 server, go to
Start>Programs> Administrative tools>Routing and Remote access. This opens a Routing
and Remote Access MMC (Microsoft Management Console). On the left panel, you will
find an icon showing the server's status.
Right-click on the server icon and from
the popup menu, select the 'Configure and Enable Routing and Remote Access' option
from the pop-up menu. This will launch a Routing and Remote Access wizard to
configure its services. Click on Next, and the wizard will ask you to select the type of
routing configuration you would like to
set for this machine. Select 'Virtual
Private Network (VPN) Server' and
click Next. Now, the wizard will show
you the Remote client Protocol page,
select 'Yes, all required protocols are on
this list' option and Next. By default
setting is TCP/IP.
You can have multiple remote access servers on your network, but you would like to
authenticate users from one central server, rather than creating users account for each
remote access server. For configuring RADIUS use IAS (Internet Authentication Server),
built-in Windows 2000 Server. If you authenticate from the same server, click “No, I
don't want to setup this server to use RADIUS now' and click next. Finally click on
Finish button to complete the Routing and Remote Assess Server configuration. After this
you need to set policy for the users so that the remote user can dial-in. To give access
policies to users to connect on the VPN server, you must specify some access permission
to the users.
The RRAS wizard lets you choose the configuration you want, so that remote users can
connect to the VPN server from their VPN clients. Open Routing and Remote Access
from Start>Programs>Administrative tools. Click on 'Remote Access Policies' given on
the left panel, and click on plus
sign (+) to expand its sub-tree.
This runs a wizard for creating a VPN connection. Select 'Connect to the network to my
workplace' and click on 'Next'. On the Network Connection page, click on 'Virtual Private
Network Connection' and click on Next. Next, the wizard will ask you for a connection
name. Provide a convenient name to it and click on Next. Now give the IP address or
DNS name for the VPN server and click on Next. Click on Finish button to close the
wizard. With this, your VPN client is ready. Launch the VPN client with the user name
and password to connect to your office VPN server. However, the speed of access
depends on the amount of bandwidth available.
Sanjay Majumder