14.10. Remote Access Service (RAS)

Microsoft's Remote Access
Service (RAS) provides a consistent user interface to a wide variety
of protocols used to connect a machine in one place to a network in a
different place. It is not a single service from a firewall point of
view; instead, it uses multiple different services. In Windows NT 4,
RAS is available either as an installable package provided with the
standard Server operating system or in an enhanced version that is
part of the no-cost Routing and Remote Access Service (RRAS) package.
In Windows 2000, RAS is always part of RRAS, and it is an indivisible
part of the operating system. You may enable it or disable it, but
you cannot install or remove it.

RAS can be used in two different modes. In one mode, the RAS client
has access only to the RAS server; in the other mode, the RAS server
acts as a router, and the RAS client has access to the full network.
Allowing access only to the RAS server gives you more control over
the client, but it doesn't provide much functionality.

As we mentioned before, RAS clients can use multiple different
protocols to connect to RAS servers. Originally, RAS was primarily
used to support modems and similar low-level connections, and RAS
still supports the use of PPP over a variety of different transports,
including most popular modems, ISDN, and X.25. However, RAS is now
also frequently used to build virtual private networks over IP
connections, using Point-to-Point Tunneling Protocol (PPTP), or in
Windows 2000, Layer 2 Transport Protocol (L2TP).