Академический Документы
Профессиональный Документы
Культура Документы
10 minutes
Remote access options
• DirectAccess
• VPN
• Routing
• Web Application Proxy
Managing remote access in Windows Server 2016
START
Yes No Go to next
Are there Does connection policy
No policies to Yes attempt match
process? policy conditions?
Yes
Is the remote access
permission for the user
No account set to Deny Access?
Reject
No Yes connection
attempt
Is the remote Is the remote access
Reject access permission on the
Yes No
connection permission for policy set to Deny
attempt the user account remote access
set to Allow permission?
Access? Yes Accept
connection
No Does the attempt
connection attempt
match the user
object and profile
settings?
Demonstration: Configuring Network Policy
Server policies
Routing in RRAS:
• RRAS is a software-based router
• Can route LAN-to-LAN, LAN-to-WAN, demand-
dial, and NAT traffic
• Supports the following type of routing:
• Static routes (IPv4/IPv6)
• IGMP (IPv4)
• RIP (IPv4)
• NAT (IPv4)
Network 1 Network 2
172.16.1.0/24 172.16.2.0/24
Configuring Routing and NAT with the remote
access role
Advanced routing scenario
VPN/Dial-up
Network 1 Network 2
172.16.1.0/24 10.10.10.0/24
Configuring Routing and NAT with the remote
access role
Corporate computers
172.16.0.50
Internet websites NAT server
172.16.0.1
131.107.0.10
172.16.0.10
172.16.0.51
Lesson 2: Implementing Web Application Proxy
Firewall Firewall
Internet Microsoft
applications
Corporate network
Authentication options for Web Application Proxy
• User authentication:
• AD FS preauthentication
• Pass-through preauthentication
• AD FS benefits:
• Workplace join
• SSO
• Multifactor authentication
• Multifactor access control
Publishing applications with Web Application Proxy
Logon Information
Virtual machines: 20741B-LON-DC1
20741B-LON-SVR1
20741B-LON-SVR2
20741B-EU-RTR
20741B-LON-CL1
User name: Adatum\Administrator
Password: Pa55w.rd
Virtual machine: 20741B-INET1
User name: Administrator
Password: Pa55w.rd
• Best Practice
• Review Questions
• Tools