Go back to the Delta Guide Home Page. Download this article as a PDF file.

RRAS has been in the Windows product line since Windows NT 4.0, when it was called the Remote Access Service (RAS). RRAS's additional routing capabilities came in a mid-version optional add-on, code-named Steelhead, which upgraded Windows NT's RAS service into the full-fledged RRAS service. Windows 2000 Server and Windows Server 2003 improve on the original RRAS by adding features, additional management tools, and enterprise capabilities.

At its heart, RRAS is primarily a routing engine, much like any network router you might purchase. RRAS defines interfaces, which represent each network connection in a server, and routes packets between those interfaces. So, dial-up users connect to a dial-up interface (which is attached to a modem), and RRAS routes packets between the dial-up interface and the interface representing the corporate network. RRAS can also route between two Ethernet interfaces, acting as a basic network router.

RRAS also supports remote access policies, which define the users who can connect to specific interfaces. Remote access policies can allow users to connect based on username, authentication protocol used, time of day, and many other parameters, enabling you to create complex policy configurations to meet your organization's needs. RRAS also supports a number of authentication protocols, including Windows-integrated protocols, which provide a secure means for users' logon credentials to be transmitted to RRAS and validated. RRAS can be configured to authenticate users itself, or it can be configured to pass authentication requests to a RADIUS server. A RADIUS server acts as a kind of centralized authentication resource, telling RRAS whether to accept specific remote access connections. Any number of RRAS servers can use a single RADIUS server, so RADIUS also helps reduce management by requiring you to create your remote access in a single location, instead of on each RRAS server individually. Windows .NET Server even ships with a RADIUS server component called the Internet Authentication Service (IAS).

Typically, you'll use RRAS only for a single task on a single server. For example, one RRAS server might be used to accept dial-up connections, while another might route packets between your network and the Internet. You can use a single RRAS server for more than one task, although the configuration obviously becomes more complex.

© Copyright Pearson Education. All rights reserved.

Go back to the Delta Guide Home Page. Download this article as a PDF file.