Functions of Routing and Remote Access Service in Windows Server 2008

The Routing and Remote Access Service (RRAS) in Windows Server 2008 offers three primary functions: 1) Dial-up client: You can use RRAS to create and establish dial-up connections to remote networks, including the Internet, through a variety of media such as a modem, ISDN, infrared, parallel ports, serial connection, X.25, and ATM. Windows Server 2008 dial-up clients support a wide range of authentication protocols and other connectivity options. Support for tunneling protocols allows clients to set up secure connections to remote networks through public networks such as the Internet. 2) Dial-up server: A Windows Server 2008 can function as a dial-up server, allowing remote clients to connect to the local server, and optionally to the local network, through the same types of media support for dial-out connections. You can also use RRAS to support Terminal Services client sessions because RRAS issues an IP address to the connecting clients and binds the necessary protocols to the RAS connection. Windows Server 2008 supports several authentication protocols and can authenticate users against local or domain user accounts, or it can use Remote Authentication Dial In User Service (RADIUS), an industry standard authentication mechanism. Once connected, a remote user can browse, print, map drives, and perform essentially all other functions possible from either the local server or local area network. 3) Routing services: The routing components of RRAS allow Windows Server 2008 to function as a unicast and multicast router. Windows Server 2008 provides for routing, packet filtering, connection sharing, demand-dial routing, and several other features that make it a good choice for LAN and WAN routing. Windows Server 2008 also adds limited firewall capability. One of the key advantages of Windows Server 2008 RRAS is its integration with the Windows Server 2008 operating system. On the client side, integration means that once a remote connection is established, the client can access resources on the server transparently as if they were local resources. The client can map remote shares to local drive letters, map and print to remote printers, and so on. Except in very rare circumstances, applications can use remote resources seamlessly without modification to make them RAS- or network-aware. On the server side, integration means that Windows Server 2008 can use a single authentication mechanism to authenticate users both locally and from remote locations. RRAS can authenticate against the local computers user accounts or accounts in the domain, or it can use an external authentication mechanism such as RADIUS. Through its support for RADIUS, Windows Server 2008 RRAS allows a Windows Server 2008 to function as a gateway of sorts to the network while offloading authentication to another server, which could be any RADIUS platform, including a Unix server. Note: Remote Authentication Dial-In User Service (RADIUS) is a standard, cross-platform protocol for authentication commonly used for dial-in authentication. Windows Server 2008 RRAS also gives close integration with Active Directory (AD). This AD integration offers users with the replication of remote access settings, including access permissions, call-back options, and security policies, among others. AD integration also means simplified administration with other AD-related services and properties. Windows Server 2008 RRAS supports a wide range of connection protocols, including Point-toPoint Protocol (PPP), Serial Line Internet Protocol (SLIP), and Microsoft RAS Protocol. Windows

Server 2008 RRAS supports multiple authentication methods, including Microsoft Challenge Handshake Authentication Protocol (MS-CHAP), Extensible Authentication Protocol (EAP), Challenge Handshake Authentication Protocol (CHAP), Shiva Password Authentication Protocol (SPAP), and Password Authentication Protocol (PAP). Network protocols supported include TCP/IP, IPX/SPX, and AppleTalk to support Microsoft, UNIX, NetWare, and Macintosh resources and clients. The Routing and Remote Access management console in Windows Server 2008

The Routing and Remote Access service is installed using Server Manager using the Network Policy and Access Services role. Microsoft has integrated most administrative and management functions into Microsoft Management Console (MMC) snap-ins, and RRAS is no exception. The Routing and Remote Access console snap-in permits you to configure and manage an RRAS server. Figure 1 shows the Routing and Remote Access console. FIGURE 1: The Routing and Remote Access console.

The RRAS console serves as a central control center for managing most RRAS properties. In addition to configuring ports and interfaces, you can configure protocols, global options and properties, and RRAS policies through the RRAS console. Open the console by choosing Start button and then Control Panel and then Administrative Tools and then Routing and Remote Access.