Microsoft's Remote Access
Service (RAS) provides a consistent user interface to a wide variety
of protocols used to connect a machine in one place to a network in a
different place. It is not a single service from a firewall point of
view; instead, it uses multiple different services. In Windows NT 4,
RAS is available either as an installable package provided with the
standard Server operating system or in an enhanced version that is
part of the no-cost Routing and Remote Access Service (RRAS) package.
In Windows 2000, RAS is always part of RRAS, and it is an indivisible
part of the operating system. You may enable it or disable it, but
you cannot install or remove it.
RAS can be used in two different modes. In one mode, the RAS client
has access only to the RAS server; in the other mode, the RAS server
acts as a router, and the RAS client has access to the full network.
Allowing access only to the RAS server gives you more control over
the client, but it doesn't provide much functionality.