It is a very exciting new protocol because it was created specifically
to address the issues PPTP and L2TP have when working through certain firewall
configurations. An SSTP session is established using an HTTP over SSL (HTTPS) session
between the server and the client. It reduces the cost for implementing VPN access
because it simplifies your deployment. You can safely place your RRAS server behind
NAT and you don??™t need any third-party VPN software to establish connectivity. As with
all SSL-based technology, you will need to have the root CA for the server??™s computer
certificate installed on the SSTP client for the connection to work. If you have your own
CA, you have probably already distributed your root CA using Group Policy, or you can
leverage a third-party CA such as VeriSign to sign your computer certificate.
Hands-On Exercise: Configuring RRAS for Remote Access
The little bit of information presented earlier is meant to be a general overview of how
DUN and VPN work. A discussion on DUN and VPN technology and protocols could
go on forever, but what you??™ve read so far is all you need to know to configure remote
access on Windows Server 2008.
In this exercise we install and configure RRAS for remote access. Your server should
be part of a domain and a DCHP server must be on your network that can assign IP addresses
to VPN clients.
NOTE If you are using the same server for this exercise that you used for the routing exercise earlier
in the chapter, you must first disable RRAS in the RRAS management console by right-clicking the
server name and selecting Disable Routing and Remote Access.
Pages:
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424