70-411 lesson 10 configuring VPN and Routing

Web Application Proxy servers support two forms of preauthentication:

AD FS preauthentication and Pass-through preauthentication.

can perform layer 2 switching, but also perform routing based on IP addresses within an organization.

Layer 3 switches:

Routing and Remote Access (RRAS)

Provides the following functionality: a virtual private network (VPN), a dial-up remote access server, and Network Address Translation (NAT). It also provides routing functionality and basic firewall functionality.

enable users to connect remotely to a network using various protocols and connection types.

Remote Access Server (RAS)

In Windows Server 2012 R2, a reverse proxy is provided by a Remote Access role service:

The Web Application Proxy, which is integrated into the Remote Access Management console.

Routing Tables

are manually created with static routes or are dynamically created with routing protocols such as Routing Information Protocol (RIP), based on the current routing topology.

Layer 2 switches (which operate at the layer 2 OSI model)

are used to connect a host to a network by performing packet switching that allows traffic to be sent only to where it needs to be sent based on mapping MAC addresses of local devices.

Routing Information Protocol (RIP) supported through RRAS:

has been a popular distance-vector protocol for small organizations. RIP uses broadcasts where the entire routing table is sent to the other routers within the network.

Web Application Proxy

is a Remote Access role service introduced in Windows Server 2012 R2 that provides reverse proxy functionality for web applications inside an organization's network so users can access applications externally no matter what device they are using.

a reverse proxy server

is a proxy server that retrieves resources from servers on behalf of a client by publishing internal applications to external users.

a Reverse proxy

is a proxy server that retrieves resources from servers on behalf of a client so that it can hide the existence of the resource server. It has the ability to access the necessary applications on the servers inside the organization.

Preauthentication

is the process by which users and devices are authenticated before they access an application.

Routing

is the process of selecting paths in a network where data will be sent.

Network Address Translation (NAT)

is used when masquerading to hide an entire address space behind a single IP address. It allows multiple computers on a network to connect to the Internet through a single IP address.

Split tunneling

is when you route your internet browsing through your home internet connection rather than going through the corporate network when using a VPN connection.

Virtual Private Networks (VPNs)

link two computers or network devices through a wide area network (WAN) such as the Internet.

NAT obscures an internal network's structure by

making all traffic appear to originate from the NAT device or proxy server.

Routers

operate on the OSI Reference Model Layer 3, Network layer, therefore they are sometimes referred to as Layer 3 devices.

hop count:

the distance or number of routers passed through by a packet between two networks. The maximum number of hops allowed for RIP is 15; a hop count of 16 is considered an infinite distance and is therefore considered non-reachable.

when you connect through a dial-up connection or VPN connection

the remote access connection must be authorized by the server running the Network Policy Server (NPS) RRAS role service or a third-party RADIUS server.

Pass-through preauthentication:

users are not required to enter credentials before they connect to published web applications.

AD FS preauthentication:

users must authenticate to AD FS servers before Web Application Proxy redirects users to the published web applications.

Border Gateway Protocol (BGP)

which enables dynamic distribution and learning of routes by site-to-site (S2S) interfaces of RRAS. By adding BGP, the server can act as a gateway to the Internet, tenant premises and tenant virtual networks.

demand-dial routing

which is a connection to a remote site that is activated when data is sent to the remote site. When there is no more data to be sent, the link is disconnected.

RRAS also supports demand-dial routing,

which is when a connection to a remote site is activated because data is sent to the remote site.

