A quick RRAS question

Essendon

Guys, I have gone through the 5 Nuggets and it hasnt been too difficult to understand what James was saying. Now to lab it up so it all sinks in. Can I get away with using a LAN connection, or do I absolutely need a separate phone line and a modem to hook it all up?

BTW, I dont have a separate phone line or a modem. The modem I have now runs the web (via a router) on 3 different physical computers and since I live in shared accomodation and the modem's everyone's property, the others wont let me use the modem for testing.

So my question is can I get away with using the LAN connection?

P.S. Someone please say yes

NetAdmin2436

I'm assuming your just trying to do some lab stuff. As long as you have two Network Adapters your fine. If you only have 1 NIC, RRAS will yell at you and cease configuration of RRAS. However, if you don't have another spare NIC laying around you can add a Microsoft loopback adapter....for testing purposes.

http://support.microsoft.com/kb/842561

Essendon

Thank you for the quick reply there, netadmin. I may be getting this wrong, but perhaps James was saying that it's best if the RRAS server wasnt a part of the domain. Maybe I just listen to him again?

NetAdmin2436

I haven't watched any of them videos, but I'm assuming he was talking about having the RRAS server like a stand alone and authenticating to an RADIUS server for authentication. This is said to be more secure.

But yes, you can use multiple LAN connections. Not the most secure, but you can certainly can. I have my home RRAS server setup like this with VPN.

bertieb

MobilOne wrote:

Thank you for the quick reply there, netadmin. I may be getting this wrong, but perhaps James was saying that it's best if the RRAS server wasnt a part of the domain. Maybe I just listen to him again?

I think in the CBT he was referring to the fact it shouldn't be installed on a domain controller if you're providing remote access services, due to the security risk it would represent (i.e. the RRAS server would most likely be on the edge of the network accepting incoming connections, and if it got hacked they'd potentially have access to your full AD environment)

Though he does say in another nugget (when discussing IAS) about having stand alone boxes and using the IAS (Radius) services for centralised authentication, as NetAdmin2436 said

Lab it up and it'll make a lot more sense, some of the CBT's confused me at first!

Essendon

bertieb wrote:

MobilOne wrote:

Thank you for the quick reply there, netadmin. I may be getting this wrong, but perhaps James was saying that it's best if the RRAS server wasnt a part of the domain. Maybe I just listen to him again?

I think in the CBT he was referring to the fact it shouldn't be installed on a domain controller if you're providing remote access services, due to the security risk it would represent (i.e. the RRAS server would most likely be on the edge of the network accepting incoming connections, and if it got hacked they'd potentially have access to your full AD environment)

Though he does say in another nugget (when discussing IAS) about having stand alone boxes and using the IAS (Radius) services for centralised authentication, as NetAdmin2436 said

Lab it up and it'll make a lot more sense, some of the CBT's confused me at first!

Yeah, I just listened to the videos again. He was referring to not having the RRAS on a DC because of the obvious security risk as the DC should be the most secure server in the network.

I am just going to lab it up and will post up questions should any arise!