2.16. Defining the Function of Remote Access Protocols and Services

Remote access protocols are protocols that are used to connect to a computer resource on a LAN from outside the LAN. The medium for these connections could be PSTN, xDSL, broadband cable, or another type of medium. Based on the medium used for the connection, a different set of protocols will be used than those that are typically used on the LAN. It is important that you understand the most common types of remote access protocols.

2.16.1. Critical Information

Be able to define the function of the most common remote access protocols and services. You should know which protocols are associated with each type of service. In addition, you should be able to define the advantages and disadvantages of each of the remote access protocols and services.

It stands to reason that a service that is designed to work on a totally different type of communication line from that of a LAN would have a protocol that is totally different as well. In this section, we will discuss the most common protocols and services and how each service relates to the protocol that supports it. We will also discuss the main advantages and disadvantages of each of the remote access protocols and services.

2.16.2. Remote Access Service (RAS)

Remote Access Service (RAS) is a remote access solution that is included with Microsoft Windows server products. Its main function is to give users access to the network from a remote location as if they were actually sitting at their desks, although sometimes the access is much slower. RAS is implemented in Windows NT Server as RAS, and in Windows 2000 Server and Windows Server 2003 as Routing and Remote Access Server (RRAS), but both product implementations offer the same basic functionality: remote access connectivity to a LAN environment. RAS servers can provide dialup connections using modems as well as virtual private networking (VPN) connections using WAN miniports. Figure 2.8 shows an RRAS server on Windows Server 2003.

Figure 2.8. An RRAS server on Windows Server 2003

RAS is also capable of providing security using tunneling protocols such as Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP), although L2TP is only available on Windows 2000 or later servers. RAS and RRAS servers support remote connectivity to all of the major client operating systems in use today.

NOTE

We will discuss the details of these tunneling protocols and other security protocols later in this chapter.

2.16.2.1. Serial Line Interface Protocol (SLIP)

In the 1970s, graduate students at the University of California, Berkeley, developed a protocol designed to allow TCP/IP communication to be transmitted over serial connections. This was the first protocol that allowed computers to communicate over normal telephone lines. Serial Line Interface Protocol (SLIP) did its job in the early years, but it has some shortcomings, which have caused it to be replaced with newer protocols. To begin with, SLIP is not a secure protocol. All communications that are established as a session are transmitted in clear text. This does not provide the security required for today's network environments. In addition, no error-checking mechanism is built into SLIP. Finally, SLIP is limited to the TCP/IP protocol, so protocols such as IPX/SPX, NWLink, and AppleTalk over IP cannot be used with SLIP.
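The missing error check, shown as an added example (not from the original text): SLIP framing as specified in RFC 1055 next to the 16-bit frame check sequence that PPP, the replacement described in the next section, uses in its HDLC-like framing (RFC 1662). The sample packet and the helper names are constructed for illustration.

```python
END, ESC, ESC_END, ESC_ESC = 0xC0, 0xDB, 0xDC, 0xDD  # RFC 1055 special bytes

def slip_encode(packet: bytes) -> bytes:
    """Wrap a packet in END markers, escaping END/ESC bytes in the payload."""
    out = bytearray([END])
    for b in packet:
        if b == END:
            out += bytes([ESC, ESC_END])
        elif b == ESC:
            out += bytes([ESC, ESC_ESC])
        else:
            out.append(b)
    return bytes(out) + bytes([END])

def slip_decode(frame: bytes) -> bytes:
    """Undo the escaping. There is no checksum to verify, so nothing can fail."""
    out, escaped = bytearray(), False
    for b in frame:
        if escaped:
            out.append({ESC_END: END, ESC_ESC: ESC}.get(b, b))
            escaped = False
        elif b == ESC:
            escaped = True
        elif b != END:
            out.append(b)
    return bytes(out)

def fcs16(data: bytes) -> int:
    """PPP 16-bit FCS (RFC 1662): reflected CRC, polynomial 0x8408."""
    fcs = 0xFFFF
    for b in data:
        fcs ^= b
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs ^ 0xFFFF

def ppp_add_fcs(payload: bytes) -> bytes:
    """Append the FCS, least significant byte first (flags/stuffing omitted)."""
    return payload + fcs16(payload).to_bytes(2, "little")

def ppp_fcs_ok(frame: bytes) -> bool:
    return len(frame) > 2 and fcs16(frame[:-2]) == int.from_bytes(frame[-2:], "little")

def flip_bit(data: bytes, index: int) -> bytes:
    """Simulate line noise: invert the low bit of one byte."""
    return data[:index] + bytes([data[index] ^ 0x01]) + data[index + 1:]

SAMPLE = b"constructed \xc0 payload \xdb"  # constructed test packet
```

A SLIP receiver decodes the damaged frame and hands the altered bytes upward without any error, while the same single-bit change makes the PPP frame check fail so the frame can be discarded.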

2.16.2.2. Point-to-Point Protocol (PPP)

Point-to-Point Protocol (PPP) is the standard remote access protocol used today. It addresses the shortcomings of SLIP by providing for authentication mechanisms, error checking, and multiple protocol support. You can choose among several authentication options, including Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), and Extensible Authentication Protocol (EAP).

NOTE

We will discuss each of these protocols in greater detail later in this chapter.

The PPP protocol establishes a session with a three-step process as follows:

  1. Framing rules are established between the client and the server. These include the size of the frames allowed as well as the data rates that can be used.

  2. The client is authenticated by the server using the configured authentication protocol.

  3. Network control protocols (NCPs) configure the remote client for the correct LAN protocols (TCP/IP, and so on).

After these three steps are successfully completed, the server and client can begin to exchange data.
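An added example, not part of the original text, that sorts captured PPP frames into the three steps above by their Protocol field and flags a PAP login, whose password crosses the link unencrypted. The protocol numbers are the standard PPP assignments rather than values given on this page; the capture, user name, and password are constructed.

```python
import struct

# PPP Protocol field values, grouped by the three session steps above.
PHASES = {
    0xC021: ("1-framing", "LCP"),
    0xC023: ("2-authentication", "PAP"),
    0xC223: ("2-authentication", "CHAP"),
    0xC227: ("2-authentication", "EAP"),
    0x8021: ("3-network", "IPCP"),
    0x0021: ("data", "IPv4"),
}

def classify(frame: bytes):
    """frame = 2-byte Protocol field + payload (flags and FCS already removed)."""
    proto = int.from_bytes(frame[:2], "big") if len(frame) >= 2 else -1
    return PHASES.get(proto, ("unknown", hex(proto)))

def pap_credentials(frame: bytes):
    """(peer_id, password) from a PAP Authenticate-Request, else None."""
    if classify(frame)[1] != "PAP" or len(frame) < 8:
        return None
    code, _ident, length = struct.unpack("!BBH", frame[2:6])
    body = frame[6:2 + length]
    if code != 1 or len(body) != length - 4 or len(body) < 2:
        return None
    id_len = body[0]
    peer, rest = body[1:1 + id_len], body[1 + id_len:]
    if len(peer) != id_len or not rest or len(rest) - 1 != rest[0]:
        return None
    return peer.decode("latin-1"), rest[1:].decode("latin-1")

def audit(frames):
    """Return (steps in order first seen, findings about clear-text logins)."""
    order, findings = [], []
    for f in frames:
        step = classify(f)[0]
        if step not in order:
            order.append(step)
        creds = pap_credentials(f)
        if creds:
            findings.append(f"PAP password for {creds[0]!r} visible on the wire")
    return order, findings

def pap_request(user: bytes, pw: bytes) -> bytes:  # builds constructed sample
    body = bytes([len(user)]) + user + bytes([len(pw)]) + pw
    return struct.pack("!HBBH", 0xC023, 1, 1, 4 + len(body)) + body

# Constructed capture: LCP, PAP, IPCP, then one IPv4 data frame.
CAPTURE = [bytes.fromhex("c02101010004"), pap_request(b"alice", b"example-pw"),
           bytes.fromhex("802101010004"), bytes.fromhex("002145000014")]
```

A CHAP frame in the same position yields no finding, because CHAP sends a challenge and a hashed response rather than the password itself.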

2.16.2.3. Point-to-Point Protocol over Ethernet (PPPoE)

Point-to-Point Protocol over Ethernet (PPPoE) is a protocol that has become popular because of the growing number of people who use cable modems and DSL connections to access the Internet. PPPoE is a specification for connecting users on an Ethernet to the Internet through a common broadband medium such as a cable modem or DSL line. All of the users on the Ethernet can share one common connection to the Internet. The Ethernet principles apply to the connection (CSMA/CD) as well as the principles of PPP (authentication and error checking). PPPoE can also be implemented with wireless devices that connect multiple users in an Ethernet to the Internet.

2.16.2.4. Point-to-Point Tunneling Protocol (PPTP)

Point-to-Point Tunneling Protocol (PPTP) is a protocol used to create a secure tunnel between two points on a network over which other protocols such as PPP can be used. This tunneling functionality provides the basis for VPNs. While PPTP is a widely used tunneling protocol, other tunneling protocols are available that provide even greater security, such as L2TP. We will discuss L2TP and other security protocols later in this chapter.

2.16.2.5. Virtual Private Network (VPN)

Virtual Private Network (VPN) is not as much of a technology as it is a term used to describe a form of networking. A VPN is a secure connection that is transmitted through a nonsecure medium, usually the Internet. To create a VPN, a tunneling protocol is used to encrypt the communication as it flows through the nonsecure medium. The communication is then decrypted on the other side of the connection. VPNs can be established using server software as well as routers. They are commonly used by businesses to provide connections to multiple locations of an organization without the use of expensive private leased lines.

2.16.2.6. Remote Desktop Protocol (RDP)

Remote Desktop Protocol (RDP) is a protocol used by Microsoft to establish remote display and remote control capabilities between servers and clients on a Microsoft network. It is the protocol on which Windows Terminal Services operates. Originally, Terminal Services offered two options during installation: Remote Administration and Application Server. In later versions of Terminal Services (Windows Server 2003), only Application Server is offered. This is because Remote Desktop Connection, which also uses the RDP protocol, is now included with Windows XP Professional client software and Windows Server 2003 server software. Figure 2.9 illustrates a Remote Desktop Connection interface that utilizes the RDP protocol.

Figure 2.9. The Remote Desktop Connection tool

2.16.3. Exam Essentials

Describe the function of RAS. RAS provides the service that allows remote access connectivity to a Microsoft LAN. RAS servers can provide security as well as connectivity. RAS is implemented as RRAS in Windows 2000 Server and Windows Server 2003.

Explain the function of SLIP. The SLIP protocol was the first protocol used to provide a TCP/IP connection through normal telephone wires. This protocol is not commonly used today because of its shortcomings in regard to security, error checking, and flexibility of protocol use. The protocol that has replaced SLIP is PPP.

Know the function of PPP. PPP is the protocol that is most commonly used for remote access connections to today's networks. It offers several methods of authentication to provide a secure communication environment in any network. Be able to describe the three-step process that PPP uses to create a session between two computers.

Understand the function of PPPoE. PPPoE is a protocol used to connect an Ethernet to a common broadband medium. PPPoE has increased in popularity because of the growth of cable modems, DSL, and wireless devices that support it. PPPoE operates within the principles of Ethernet communication as well as PPP communication.

Know the function of PPTP. PPTP is a protocol used to establish a tunnel for secure communication through a nonsecure medium, such as the Internet. PPTP is the basis for VPNs. PPTP offers some security, but other tunneling protocols offer even greater security.

Describe the function of a VPN. A VPN is a network that is secure even though the communications are transmitted through a nonsecure medium, such as the Internet. VPNs are created using tunneling protocols such as PPTP and L2TP. Businesses use VPNs to connect multiple locations of their organization in a secure manner without having to lease expensive dedicated lines.

Explain the function of RDP. RDP is a remote display and remote control protocol used with Microsoft Terminal Services and Microsoft Remote Desktop Connection. It allows administrators to connect to and remotely administer servers and clients in their networks.
