Advantages of Using WSUS
There are many advantages to using WSUS WSUS allows an internal server within a private intranet to act as a virtual Windows Update server. Administrators have selective control over what updates are posted and deployed from the public Windows Update site. No updates are deployed to client computers unless they are first approved by an administrator. Administrators can control the synchronization of updates from the public Windows Update site to the WSUS server either manually or automatically....
The Encryption Tab
The Encryption tab see Figure 8.10 controls which type of encryption you want your remote users to have access to. The following radio buttons are listed on the Encryption tab Basic Encryption MPPE 40-Bit means single DES Data Encryption Standard for IPSec or 40-bit Microsoft Point-to-Point Encryption MPPE for Point-to-Point Tunneling Protocol PPTP . Strong Encryption MPPE 56 Bit means 56-bit encryption single DES for IPSec 56-bit MPPE for PPTP . Strongest Encryption MPPE 128 Bit means triple...
Creating a New Multicast Scope
1. Open the DHCP snap-in by selecting Start gt Administrative Tools gt DHCP. 2. Right-click your DHCP server and choose New Multicast Scope. The New Multicast Scope Wizard appears. Click the Next button on the Welcome page. 3. In the Multicast Scope Name page, name your multicast scope and add a description if you'd like . Click the Next button. 4. The IP Address Range page appears. Enter a start IP address of 224.0.0.0 and an end IP address of 224.255.0.0. Adjust the TTL to 1 to make sure that...
The General Tab Fdq
The General tab Figure 9.15 of the OSPF Properties dialog box controls, among other things, whether or not OSPF is enabled on a particular interface address. FIGURE 9.15 The General tab of the OSPF Properties dialog box FIGURE 9.15 The General tab of the OSPF Properties dialog box Here's what you can do with the controls on the General tab The Enable OSPF For This Address checkbox, combined with the address drop-down menu, specifies whether OSPF is active or not on the selected address. Because...
Installing a VPN from Scratch
If you don't have RRAS installed at all, you'll need to install it, activate it, and configure it as a VPN server. The easiest way to do this is with the RRAS Setup Wizard. You may remember that the wizard gives you a page with several radio buttons that you use to select the kind of server you want to set up. If you followed the instructions in Exercise 7.1 Installing the Routing and Remote Access Services , you actually already have a VPN server when you install RRAS as a remote access...
Installing the DHCP Relay Agent
There are a couple of things you should know before installing a DHCP relay agent. First, you can't install the relay agent on a computer that's already acting as a DHCP server. Second, you can't install it on a system running Network Address Translation NAT with the addressing component installed. As long as you meet these requirements, the Server 2003 implementation of RRAS will install the DHCP relay agent automatically when you first enable remote access. You can also install the DHCP relay...
The Host Record
A host record also called an address or A record is used to statically associate a host's name to its IP addresses. The format is pretty simple host_name optional_TTL IN A IP_Address Here's an example from our DNS database www IN A 192.168.0.204 smtp IN A 192.168.3.144 The A record ties a hostname which is part, you'll recall, of an FQDN to a specific IP address. This makes them suitable for use when you have devices with statically assigned IP addresses in that case, you'd create these records...
Setting OSPF Interface Properties
OSPF has its own set of properties that you can set on OSPF-enabled interfaces. Setting these properties is both simpler and more complex than RIP simpler because there aren't as many of them because OSPF is largely self-tuning, but the properties you can set tend to be somewhat more abstruse. You open an OSPF interface's Properties dialog box by selecting the OSPF node, clicking the interface in the right window pane, and selecting Properties from the Action menu. Let's take a look at the...
Understanding the Multicast Address Dynamic Client Allocation Protocol MADCAP
DHCP is normally used to assign IP configuration information for unicast or one-to-one network communications. With multicast, there's a separate type of address space assigned from 224.0.0.0-239.255.255.255 addresses in this space are known as Class D addresses or simply multicast addresses. However, multicast clients also need to have an ordinary IP address Clients can participate in a multicast just by knowing and using the multicast address for the content they want to receive. How do...
NWLink
NWLink IPX SPX is Microsoft's implementation of Novell's IPX SPX protocol stack, which is used in Novell NetWare. In fact, it's fair to say that NWLink IPX SPX is nothing more than IPX for Windows. FIGURE 1.13 The OSI protocol stack can be simplified by grouping its layers into three new categories. FIGURE 1.13 The OSI protocol stack can be simplified by grouping its layers into three new categories. NWLink IPX SPX is included with Windows Server 2003 primarily to allow Windows Server 2003 to...
Configuring Advanced TCPIP Settings
The Advanced button in the Internet Protocol TCP IP Properties dialog displays several settings that are not available elsewhere. The Advanced TCP IP Settings dialog box contains four tabs you can use to extend and override the settings from the simpler dialog box shown in Figure 2.1. In the following sections, you will see how to configure advanced TCP IP settings not available in the standard TCP IP dialog box. In the basic configuration dialog box you saw earlier, you can enter one IP...
Configure PPTP Packet Filters
1. Open the RRAS console by selecting Start gt Administrative Tools gt Routing And Remote Access and expand the server and IP Routing nodes to expose the General node of the server you're working on. Select the General node. 2. Right-click the appropriate interface and choose Properties. 3. In the General tab of the interface Properties dialog box, click the Inbound Filters button. The Inbound Filters dialog box appears. 4. Click the New button and the Add IP Filter dialog box appears. 5. Fill...
Dynamically Update DNS A And PTR Records Only If Requested By The DHCP Clients
This radio button which is on by default tells the DHCP server to register the update only if the DHCP client asks for DNS registration. When this button is active, DHCP clients that aren't hip to DDNS won't have their DNS records updated. However, Windows 2000, XP, and Server 2003 DHCP clients are smart enough to ask for the updates. Always Dynamically Update DNS A And PTR Records This radio button forces the DHCP server to register any client to which it issues a lease. This setting may add...
Installing and Configuring the WSUS Server
WSUS should run on a dedicated server, meaning the server will not run any other applications except IIS, which is required. Microsoft recommends that you install a clean or new version of Windows 2000 Server or Windows Server 2003 and apply any service packs or security-related patches. You should not have any virus-scanning software installed on the server. ING Virus scanners can mistake WSUS activity as a virus. The following steps are used to install the WSUS server 1. Download the WSUS...
Restricting a User Profile for DialIn Access
1. Log on to your computer using an account that has administrative privileges. 2. If you're using an RRAS server that's part of an AD domain, open the Active Directory Users and Computers snap-in by selecting Start gt Administrative Tools gt Active Directory Users And Computers. If not, open the Local Users and Groups snap-in by selecting Start gt Administrative Tools gt Computer Management gt Local Users And Groups. 3. Expand the tree to the Users folder. Right-click the Administrator account...
Integrating Dynamic DNS and DHCP
DHCP integration with Dynamic DNS is a simple concept but powerful in action. By setting up this integration, you can pass addresses to DHCP clients while still maintaining the integrity of your DNS services. There are actually two separate ways that the DNS server could potentially be updated. One way is for the DHCP client to tell the DNS server what its address is. Another is for the DHCP server to tell the DNS server when it registers a new client. However, neither of these updates will...