What is Routing and Remote Access?
An integrated component of Microsoft Windows 2000 that provides both remote access and routing capabilities. Routing and Remote Access supports both dial-up and virtual private network (VPN) remote access clients, and supports routing of Internet Protocol (IP), Internetwork Packet Exchange (IPX), and AppleTalk.
Using this component, a server running Windows 2000 Server can function as a Remote Access Service (RAS) server, a VPN server, or even a branch-office router. Routing and Remote Access is also the name of the Microsoft Management Console (MMC) snap-in that is used to manage these services in Windows 2000.
How It Works
The Routing and Remote Access snap-in is used to configure the server side of remote access on servers running Windows 2000 and to configure routing on servers running Windows 2000 with multiple local area network (LAN) or wide area network (WAN) interfaces.
When you use the snap-in to install and configure remote access you create a remote access server that provides these two types of connectivity: dial-up networking and virtual private networking.
- Dial-up remote access is typically used by mobile or home users who need to dial in to corporate networks - for example, to access a corporate intranet, e-mail server, database server, or other network resource. Windows 2000 supports dial-up connections using providers such as analog telephone lines, ISDN, and X.25.
- VPN connections emulate point-to-point connections by encrypting and encapsulating traffic and securely routing (tunneling) it between the VPN client and VPN server. Windows 2000 supports the Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP) for creating virtual private networks. VPNs are typically used for mobile users and home users to securely connect to corporate networks over an unsecure connection such as the Internet.
Some of the new remote access features supported by Windows 2000 include the following:
- Integration of remote access functionality with Active Directory
- Policy-based administration for more flexible administration of remote access privileges for users and groups
- A new version of Microsoft Challenge Handshake Authentication Protocol (version 2) that strengthens the security of the remote access connection negotiation process
- Support for the L2TP for creating VPNs
- The Extensible Authentication Protocol (EAP), which lets you use smart cards and other technologies for remote access authentication
- The Bandwidth Allocation Protocol (BAP), which increases the efficiency of Multilink PPP (MPPP) connections
Routing and Remote Access in Windows 2000 provides powerful industry-standard routing capabilities that can turn a computer running Windows 2000 Server into a full-featured, enterprise-class router for both LAN and WAN internetworks. A computer running Windows 2000 Server that has the Routing and Remote Access service installed and configured on it is usually referred to as a Windows 2000 router. Supported features include the following:
- Multiprotocol support for unicast routing that includes IP, IPX, and AppleTalk protocols
- Standard IP routing protocols, such as the Routing Information Protocol (RIP) versions 1 and 2 and the Open Shortest Path First (OSPF) Protocol
- Support for routing multicast IP traffic
- IP network address translation (NAT) functionality for connecting home or small office/home office (SOHO) networks to the Internet
- Packet-filtering capability for both IP and IPX
- Demand-dial routing for automatic initiation of dial-up WAN connections
- VPN functionality using both PPTP and L2TP
- Support for IP-in-IP tunneling
The client side of remote access on Windows 2000 Professional clients is configured using the Network Connection Wizard, which provides a step-by-step method for creating and configuring basic inbound and outbound connections.