1 / 43

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration. Chapter 9 Network Policy and Access Services in Windows Server 2008. Objectives. Configure routing in Windows Server 2008 Configure Routing and Remote Access Services in Windows Server 2008

lark
Télécharger la présentation

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 9 Network Policy and Access Services in Windows Server 2008

  2. Objectives • Configure routing in Windows Server 2008 • Configure Routing and Remote Access Services in Windows Server 2008 • Describe Network Policy Server • Discuss wireless networking with Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  3. Configuring Routing in Windows Server 2008 • Routing and Remote Access Services (RRAS) • Role service used to configure and manage network routing in Windows Server 2008 • Recommended for use in small networks that require simple routing directions • Not recommended for large and complex environments MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  4. Configuring Routing in Windows Server 2008 (continued) • Activity 9-1: Installing a Windows Server 2008 Member Server • Time Required: 75 minutes • Objective: Install a Windows Server 2008 member server MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  5. Configuring RRAS as a Router • Routers • Responsible for forwarding packets between subnets, or networks with differing IP addressing schemes MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  6. MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  7. Configuring RRAS as a Router (continued) • Activity 9-2: Installing RRAS on MSN-SRV-0XX and MSN-SRV-1XX • Time Required: 15 minutes • Objective: Install RRAS MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  8. Working with Routing Tables • Routing tables are composed of routes • Routes • Direct data traffic to its destination based on the information it contains • Routing tables • Can be managed in the RRAS console or from the command line using the route command MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  9. Working with Routing Tables (continued) • Activity 9-3: Viewing the Routing Table in RRAS • Time Required: 5 minutes • Objective: View the routing table in RRAS MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  10. MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  11. Configuring Routes • Static routing is limited for the following reasons • Requires manual creation and management • Should not be used on networks with more than 10 subnets • All affected routers require reconfiguration if the network changes MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  12. Configuring Routes (continued) • Activity 9-4: Creating a Static Route • Time Required: 15 minutes • Objective: Create a static route from the command line MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  13. Configuring Routes (continued) • Dynamic protocols • Route traffic based on information they discover about remote networks from other routers • Routing Information Protocol version 2 (RIPv2) • Uses partner routers, or RIP neighbors, in determining the dynamic routes it can use for forwarding packets of data MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  14. Configuring a DHCP Relay Agent • DHCP relay agent • Manages the communication between a network’s DHCP server and clients on subnets without a DHCP server • With RRAS • Network adapters are added and configured to listen for DHCP broadcast messages MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  15. Configuring a DHCP Relay Agent (continued) • Activity 9-5: Configuring MSN-SRV-0XX as a DHCP Relay Agent • Time Required: 15 minutes • Objective: Install a DHCP relay agent MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  16. Configuring Dial-on-Demand Routing • Demand-dial routing • Allows a server to initiate a connection only when it receives data traffic bound for a remote network • Can use dial-up networks instead of more expensive leased lines MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  17. Configuring Remote Access Services in Windows Server 2008 • Dial-up networking • Connects remote users to their networks using a standard phone line • Virtual Private Networks • Allow client connections to your network from remote locations • Works by creating a secure tunnel for transmitting data packets between two points • VPN tunneling protocols: Point-to-Point Tunneling Protocol, Layer 2 Tunneling Protocol, Secure Socket Tunneling Protocol MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  18. MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  19. Configuring Remote Access Services in Windows Server 2008 (continued) • Activity 9-6: Installing Remote Access Support for VPNs in RRAS • Time Required: 15 minutes • Objective: Install Remote Access Support with VPN in RRAS MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  20. MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  21. Configuring Remote Access Services in Windows Server 2008 (continued) • Activity 9-7: Configuring VPN Ports • Time Required: 15 minutes • Objective: Configure VPN ports MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  22. Network Address Translation • Allows you to shield internal IP address ranges from public networks by allowing internal clients to access the Internet through a shared IP address MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  23. MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  24. Introduction to Network Policy Server • Network Policy Server (NPS) • Role service that provides a framework for creating and enforcing network access policies for client health • Can be used to perform: • Configure a RADIUS server • Configure a RADIUS proxy • Configure and implement Network Access Protection (NAP) MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  25. Windows Server 2008 Editions and the NPS Console • NPS Console • Central utility for managing • RADIUS clients and remote RADIUS servers • Network health and access policies • NAP settings for NAP scenarios • Logging settings MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  26. Windows Server 2008 Editions and the NPS Console (continued) • Activity 9-8: Installing NPS • Time Required: 15 minutes • Objective: Install the NPS role service MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  27. Windows Server 2008 Editions and the NPS Console (continued) • Activity 9-9: Creating a Network Access Policy for VPN Connections • Time Required: 15 minutes • Objective: Create a network access policy MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  28. Introduction to RADIUS • RADIUS • Industry-standard protocol that provides centralized authentication, authorization, and accounting for network access devices • Components of RADIUS • RADIUS clients • Network access servers • RADIUS proxy • RADIUS server • User account database MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  29. MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  30. MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  31. MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  32. MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  33. RADIUS Server • Used on networks to perform authentication, authorization, and accounting for RADIUS clients • RADIUS client • Can be an NPS, which replaces the IAS from previous versions of Windows Server MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  34. RADIUS Server (continued) • RADIUS • Standardized network protocol that centralizes the following process for user connections • Authentication • Authorization • Accounting MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  35. RADIUS Proxy • NPS • Can be configured as a RADIUS proxy • RADIUS proxies • Route RADIUS messages between RADIUS clients and RADIUS servers MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  36. NAP • Network Access Protection (NAP) • Provides a tool for you to block external and internal network threats • Can be broken into three parts • Health policy validation • Health policy compliance • Limited access MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  37. Authentication Protocol • Supported authentication protocols in Windows Server 2008 • Extensible Authentication Protocol–Transport Layer Security (EAP-TLS) • Protected Extensible Authentication Protocol–Transport Layer Security PEAP-TLS • Protected PEAP–Microsoft Challenge Handshake Authentication Protocol version 2 (PEAP-MSCHAPv2) MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  38. Wireless Access Configuration in Windows Server 2008 • 802.1x standard • Developed by the Institute of Electrical and Electronics Engineers (IEEE) • On 802.1x networks • Network access control provides an authentication mechanism to allow or deny network access based on port connection MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  39. Wireless Access Configuration in Windows Server 2008 (continued) • Categories of EAP implementations • EAP over local area network (LAN) • EAP over wireless • 802.1x uses a three-component model for authenticating access to networks • Supplicant • Authenticator • Authentication server MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  40. MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  41. Summary • RRAS • Role service used to configure and manage network routing in Windows Server 2008 • Routers • Responsible for forwarding packets between subnets, or networks with differing IP addressing schemes • To process traffic • Router uses routing tables to determine where to send traffic MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  42. Summary (continued) • Routers • Use dynamic routing protocols and preconfigured static routes to deliver packets using the best route possible between two subnets • Most modern networks • Support the passing of DHCP broadcast messages between subnets without a DHCP server to subnets that contain a DHCP server • Demand-dial routing • Allows a server to initiate a connection only when it receives data traffic bound for a remote network MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

  43. Summary (continued) • VPNs • Provide secure network access for remote clients over the Internet through the use of tunneling protocols • NAT • Allows you to shield internal IP address ranges from public networks • NAP • Provides a framework for you to block external and internal network threats MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

More Related