1

Chapter 11: Dial-Up Connectivity in Remote Access Designs

Designs That Include Dial-Up Remote Access

Essential Dial-Up Remote Access Design Concepts

Data Protection in Dial-Up Remote Access Designs

Dial-Up Remote Access Design Optimization

2

Routing and Remote Access Introduction For remote access to private networking

resources, you can use Dial-up Virtual private network (VPN) Remote Authentication Dial-In User Service (RADIUS)

Dial-up access lets you control Remote access servers Modem types and data rates Access phone numbers User accounts Accessibility of private network resources

Dial-up access uses Point-to-Point Protocol (PPP).

3

Routing and Remote Access and Microsoft Windows 2000

A Windows 2000 feature Remote access client Remote access server

4

Remote Access Clients and Servers

5

Dial-Up Remote Access Design Review

Amount of data transmitted Number of locations Existing modems and phone lines Plans for network growth Number of simultaneous clients Operating systems used by clients Protocols used by clients

6

Dial-Up Remote Access Design Decisions

Integration into existing network Hardware requirements for servers Confidential data protection Availability to remote access users Optimization of network traffic

7

Dial-Up Remote Access Designs Use dial-up remote access to control all

design aspects. Evaluate cost of ownership issues.

Number of simultaneous remote users Number of locations requiring remote access Monthly phone line costs Initial investment in modems Phone line installation Ongoing support costs

Consider outsourcing to reduce costs.

8

Number of Remote Access Servers

Determine the maximum number of users.

Determine the sustained data rate. Perform a pilot test. Calculate the number of servers.

9

Placing Remote Access Servers

Placement goals: Centralize administration Reduce costs Reduce network traffic

Single or multiple location configuration

10

Single Location Configuration The hardware must support the

maximum number of users. Advantages:

Centralized administration Reduced administration costs

Disadvantages: Increased network traffic on segments Increased telephone charges No redundancy

11

Multiple Location Configuration The hardware must support the

maximum number of users. Advantages:

Reduced network traffic between segments Reduced telephone charges Redundancy

Disadvantages: Decentralized administration Increased administration costs

12

Remote Access Client Support Communications ports Transport protocols determined by

Operating system Applications Network management tools Resource servers accessed by client

Network address assignment Manually allocate Automatically assign using Dynamic Host

Configuration Protocol (DHCP)

13

Preventing Unauthorized Access

Restrict access to resources on the server.

Restrict traffic on the server by using filters. Resources or servers Network segments Traffic types (for example, HTTP)

Place servers on screened subnets.

14

Preventing Unauthorized Access (Cont.)

15

Protecting Remote Access Data Authenticate remote users.

Local accounts Active Directory directory service accounts

Encrypt confidential data. Microsoft Point-to-Point Encryption (MPPE) Internet Protocol Security (IPSec)

Enforce remote access policies. Conditions Remote access permissions Profiles

16

Enhancing Remote Access Availability

Include multiple dial-up remote access servers.

Use backup phone numbers. Dedicate a computer to Routing and

Remote Access.

17

Improving Remote Access Performance

Upgrade server hardware. Intelligent communications adapters Faster modems Server processor and memory

Distribute clients across multiple servers.

Dedicate a computer to Routing and Remote Access.

18

Chapter Summary

Dial-up provides control over remote access but is more expensive.

Services include remote access client and server.

19

Chapter Summary (Cont.)

Your design should Determine maximum number of users and

data rate Use multiple servers Evaluate client needs Protect the private network Improve availability and performance