Browse by Tags
All Tags »
Design (RSS)
Problem: Today, Microsoft VPN client can be configured in two ways as discussed in this article – a) in-built VPN client b) CM based VPN client. The first method requires end user to know the VPN settings and then create a VPN connection – which needs
Read More...
Hello Friends, In my previous posting related to VPN tunnel selection , I discussed various scenarios in which you need to install a certificate on the VPN server. To summarize this requirement in a nutshell: except PPTP tunnel, for all the other tunnel
Read More...
In W7 the CMAK wizard can be used to create CM profiles that can run on both Vista and W7 machines (a separate profile is still required for XP). When creating the profile if a VPN strategy or authentication protocol is specified which is not supported
Read More...
Hello Customers, In this post, I will highlight on various placement requirements related to RAS server. 5. 1 NAT Routers A VPN server machine can sit behind a NAT router as long as following requirements are met: For SSTP, NAT port redirection or bi-directional
Read More...
Hello Customers, In this post, I will walk through some aspects on IP addressing, routing and name resolution related design guidelines. 4. 1 IP Addressing The VPN client machine will have minimum two IP addresses – one that it gets from ISP through which
Read More...
Hello Customers, In this post, I will walk through the most important topic – which authentication protocol, VPN tunnel to use, how to authorize access of your VPN users. Lets have a look: 3. 1 User Authentication The remote access user is authenticated
Read More...
Hello Customers, In this post, I will walk through the different ways in which you can enable VPN functionality on the remote access devices (desktops, laptops used by your remote access users). Lets look at the various choices: 2.1 Operating Systems
Read More...
Hello Customers, In last few releases, we have added plenty of “cool” features in RAS – like NAP based health check, SSTP based SSL tunnel, IPv6 support in Vista SP1/WS08 and IKEv2 based IPSec tunnel in Windows 7/WS08 R2. As a result, we have seen a lot
Read More...
Hello Customers, As I wrote in this blog, there are four types of VPN tunnel supported by Windows 7 based VPN clients. In this blog I will focus on following things: how do you configure tunnel types on the client, how to decide on the tunnel type order
Read More...
Hello Customers, A lot of you have requested directly or through the field channels about performance results of RRAS for different VPN tunnel types – specifically SSTP. I am writing this blog to share the results for the tests done internally by our
Read More...
Hello, As you know in Windows server 2008 (WS08) we have removed “Basic Firewall” functionality in RRAS which exist in Windows Server 2003 (WS03). This leads to following security implications which you should be carefully consider when configuring RRAS
Read More...
With the various previous blogs, we already know that SSTP (Secure Socket Tunneling Protocol) is a new VPN tunnel type which is added to the list of the already existing tunnel types, PPTP and L2TP. With this addition, there have been some changes in
Read More...
RAS supports 3 types of tunnels namely Point to Point Tunneling Protocol (PPTP), Layer 2 Tunnelingu Protocol (L2TP) and Secure Socket Tunneing Protocol (SSTP) for connecting to work from home securely. When connecting from home you have option to either
Read More...
Hi All, In Longhorn, Routing and remote access server role supports IPv6 (in addition to IPv4). In this blog, I will give a quick summary on what are the scenarios that are supported and what changes are required to enable the same. This will also help
Read More...
Hi All, Till Windows 2003, routing and remote access server (i.e. RRAS) and Windows firewall didn't co-exist. i.e. if one of the feature is enabled - other cannot be enabled. RRAS was having a version of Windows firewall called as "Basic Firewall" - which
Read More...
