Remote Access Service (RAS)
Remote server access is set up to handle users who need, or are seeking, access to the network remotely. Remote Access Service (RAS) is usually associated with a firewall server for security. It also requires a router for forwarding the remote access request to another part of the network. Thus, it is also called a Communication Server. The server can also be used as part of a virtual private network.
When dialing in to a network as a remote node, you log into a remote access server. This is often the same server which provides remote node services across the Internet, via tunneling protocols. A variety of remote access servers is available. In general, organizations use a dedicated server to provide remote node services because it can maintain better security and offer higher performance.
When a Remote Access Service (RAS) server is placed across a slow wide area network link from the data and applications that the user accesses, performance is slower than it would otherwise be. When a RAS server provides services to remote nodes across the Internet, it should be placed near the Internet connection so that it acts as a doorway to the network.
RAS provides the best security for communications between remote LANs. Modems and RAS have to work together to provide a remote access technology that works almost every time. This is because dial-up modem remote access is the most reliable and secure communication.
Point-to-Point Protocol (PPP) Of Remote Access Service (RAS)
The Point-to-Point Protocol was originally intended as an encapsulation protocol for transporting IP traffic between two peers. PPP provides a standard method for transporting multi-protocol datagrams over point-to-point links. It is a data link layer protocol in the TCP/IP protocol suite. However, protocols other than IP can also be carried over PPP, including DECnet and Novell’s Internetwork Packet Exchange (IPX). PPP is an addition to TCP/IP that adds two sets of functionality:
- It can transmit TCP/IP packets over a serial link
- It has login security
TCP/IP cannot be transmitted over a serial link. This makes it unsuitable for WANs (Wide Area Networks). To make TCP/IP work over these serial links, it is necessary to create a protocol that can transmit TCP/IP packets over serial lines. The two protocols which can do this are:
- SLIP (Serial Line Internet Protocol)
- PPP (point-to-point protocol)
When serial links that are part of the public telephone system are used, ensure the authenticity of all communications. To this end, PPP incorporates user name and password security. Thus, a router or server receiving a request by means of PPP, where the origin of the request is not secure, would require authentication. This authentication is part of PPP. Because of its ability to route TCP/IP packets over serial links and its authentication capabilities, PPP is generally used by Internet Service Providers (ISPs) to allow dial-up users to connect to the Internet.
The main components of PPP are as follows:
It is a method for encapsulating multi-protocol datagrams. The PPP encapsulation provides multiplexing of different network-layer protocols simultaneously over the same link. The PPP encapsulation has been carefully designed to retain compatibility with the most commonly used supporting hardware.
Link Control Protocol
The Link Control Protocol is flexible and portable to a wide variety of environments. It is used to automatically agree upon the encapsulation format options, handle varying limits on sizes of packets, detect a looped-back link and other common misconfiguration errors, and terminate the link.
Configuration is used by other control protocols such as Network Control Protocols (NCPs). In order to establish communications over a point-to-point link, each end of the PPP link should send LCP packets to configure and test the data link. After the link is established and optional facilities are negotiated as needed by the LCP, PPP must send NCP packets to choose and configure one or more network-layer protocols. When the network-layer protocol is configured, datagrams from each network-layer protocol are sent over the link.
The link will remain configured for communications until explicit LCP or NCP packets close the link down, or until some external event occurs, such as an inactivity timer expiring or a network administrator intervening.
Flag field indicates the beginning or end of a frame which consists of the binary sequence 01111110.
Address field contains the binary sequence 11111111, the standard broadcast address.
Control field contains the binary sequence 00000011, which calls for transmission of user data in an unsequenced frame.
Protocol field identifies the protocol encapsulated in the information field of the frame.
Information field has zero or more octets which contain the datagram for the protocol specified in the protocol field.
Frame Check Sequence (FCS) field is normally 16 bits, but PPP implementations can use a 32-bit FCS for improved error detection.
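The field list above, turned into a frame validator of the kind a receiver or capture-analysis script needs before trusting the Protocol and Information fields. This is an added example, not code from the original page. It assumes a two-octet Protocol field, the 16-bit FCS algorithm from RFC 1662, and a frame that has already had any byte-stuffing removed; the LCP protocol number 0xC021 and the sample payload are constructed test input.

```python
FLAG, ADDRESS, CONTROL = 0b01111110, 0b11111111, 0b00000011  # values from the field list

def fcs16(data: bytes) -> int:
    """16-bit FCS used by PPP (RFC 1662): reflected CRC-CCITT, init and final XOR 0xFFFF."""
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs ^ 0xFFFF

def build_frame(protocol: int, info: bytes) -> bytes:
    """Assemble Flag | Address | Control | Protocol | Information | FCS | Flag."""
    body = bytes([ADDRESS, CONTROL]) + protocol.to_bytes(2, "big") + info
    # The FCS covers Address through Information and is sent least significant octet first.
    return bytes([FLAG]) + body + fcs16(body).to_bytes(2, "little") + bytes([FLAG])

def parse_frame(frame: bytes) -> tuple:
    """Validate each field; return (protocol, information) or raise ValueError."""
    if len(frame) < 8:  # 2 flags + address + control + 2 protocol + 2 FCS octets
        raise ValueError("frame too short")
    if frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("missing flag")
    body = frame[1:-3]
    received_fcs = int.from_bytes(frame[-3:-1], "little")
    if body[0] != ADDRESS:
        raise ValueError("unexpected address")
    if body[1] != CONTROL:
        raise ValueError("unexpected control")
    if fcs16(body) != received_fcs:
        raise ValueError("FCS mismatch")  # corrupted or tampered in transit
    return int.from_bytes(body[2:4], "big"), body[4:]

# Constructed sample: an LCP packet (protocol 0xC021) with a 4-octet payload.
LCP = 0xC021
SAMPLE = build_frame(LCP, bytes.fromhex("01010004"))

if __name__ == "__main__":
    protocol, info = parse_frame(SAMPLE)
    print(f"protocol=0x{protocol:04X} info={info.hex()}")
```

The FCS detects accidental corruption only; it is not keyed, so it offers no protection against deliberate modification of a frame.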
Serial Line Internet Protocol (SLIP)
Serial Line Internet Protocol is simply a packet framing protocol. SLIP defines a sequence of characters that frame the IP packets on a serial line. It does not provide addressing, packet type identification, error detection/correction, or compression mechanisms. It is commonly used on serial links and sometimes for dial-up purposes, and is generally used with line speeds between 1200 bps and 19.2 Kbps. SLIP is useful for allowing mixes of hosts and routers to communicate with one another, such as host-host, host-router, and router-router, which are all common SLIP network configurations.
The SLIP protocol defines two special characters:
END is octal 300 (decimal 192) and ESC is octal 333 (decimal 219). The SLIP host simply starts sending the data in the packet. If a data byte is the same code as the END character, a two-byte sequence of ESC and octal 334 (decimal 220) is sent. If a data byte is the same as the ESC character, a two-byte sequence of ESC and octal 335 (decimal 221) is sent. When the last byte in the packet is sent, an END character is then transmitted. Since there is no standard SLIP specification, there is no actual defined maximum packet size for SLIP.
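The escaping rules above as an encoder and a defensive decoder. This is an added example, not code from the original page. Because SLIP defines no maximum packet size and no error detection, the decoder enforces its own bound and drops frames with invalid escape sequences; the `max_packet` default of 1006 is an assumption chosen for this sketch, and the byte strings are constructed sample input.

```python
END, ESC, ESC_END, ESC_ESC = 0o300, 0o333, 0o334, 0o335  # octal values from the text

def slip_encode(packet: bytes) -> bytes:
    """Escape END/ESC bytes in the data and terminate the packet with END."""
    out = bytearray()
    for b in packet:
        if b == END:
            out += bytes([ESC, ESC_END])
        elif b == ESC:
            out += bytes([ESC, ESC_ESC])
        else:
            out.append(b)
    out.append(END)
    return bytes(out)

def slip_decode(stream: bytes, max_packet: int = 1006) -> tuple:
    """Return (packets, dropped). A frame is dropped when it contains an
    invalid escape, ends in a dangling ESC, or exceeds max_packet bytes
    (receiver-chosen limit: SLIP itself sets none, so an unbounded
    receiver could be made to buffer without end)."""
    packets, dropped = [], 0
    buf, escaped, bad = bytearray(), False, False
    for b in stream:
        if b == END:
            if bad or escaped:
                dropped += 1
            elif buf:  # back-to-back END bytes produce no empty packet
                packets.append(bytes(buf))
            buf, escaped, bad = bytearray(), False, False
        elif escaped:
            escaped = False
            if b == ESC_END:
                buf.append(END)
            elif b == ESC_ESC:
                buf.append(ESC)
            else:
                bad = True  # ESC followed by anything else is a violation
        elif b == ESC:
            escaped = True
        else:
            buf.append(b)
        if len(buf) > max_packet:
            bad = True
            buf.clear()  # keep memory bounded while skipping to the next END
    return packets, dropped

if __name__ == "__main__":
    wire = slip_encode(b"\x45\xc0\xdb\x01")  # constructed data containing END and ESC
    print(wire.hex(), slip_decode(wire))
```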
Point-to-Point Protocol over Ethernet (PPPoE)
Point-to-Point Protocol over Ethernet is designed for connecting multiple computer users on an Ethernet local area network. PPPoE is used to share a common Digital Subscriber Line (DSL), cable modem, or wireless connection for multiple users to the Internet. PPPoE combines the Point-to-Point Protocol, commonly used in dial-up connections, with the Ethernet protocol, which supports multiple users in a local area network. The PPP protocol information is encapsulated within an Ethernet frame.
PPP over Ethernet brings PPP functionality to ISPs which do not use serial links to connect their users. ISPs that use serial links already use PPP over modem communications. DSL providers, on the other hand, use Ethernet, not serial communications. Therefore, many require the added functionality of PPP over Ethernet, which allows them to secure communications through the use of user logins and to measure the volume of traffic each user generates.
Point-to-Point Tunneling Protocol (PPTP)
Point-to-Point Tunneling Protocol is a networking technology that supports multiprotocol virtual private networks (VPNs). This protocol enables remote users on various operating systems and other Point-to-Point Protocol (PPP) enabled systems to dial into a local Internet service provider and connect securely to their corporate network through the Internet. PPTP is best suited for the remote access applications of VPNs, but it also supports LAN internetworking. PPTP operates at Layer 2 of the OSI model.
The PPTP can also be used to tunnel a PPP session over an IP network. PPTP uses a client-server architecture to decouple functions that exist in current Network Access Servers and support Virtual Private Networks. PPTP specifies a call control and management protocol that allows the server to control access for dial-in circuit switched calls originating from a PSTN or ISDN, or to initiate outbound circuit-switched connections.
PPTP packs data within PPP packets and then encapsulates the PPP packets within IP packets (datagrams) for transmission through an Internet-based VPN tunnel. PPTP supports data encryption and compression of the data packets. PPTP also uses a form of Generic Routing Encapsulation (GRE) to get data to and from its final destination. PPTP-based Internet remote-access VPNs are the most common form of PPTP VPN. In this environment, VPN tunnels are created by means of the following two-step process:
1. The PPTP client connects to their ISP using PPP dial-up networking.
2. PPTP creates a TCP control connection between the VPN client and VPN server to establish a tunnel. PPTP uses TCP port 1723 for these connections.
PPTP also supports VPN connectivity via a LAN, and therefore the tunnels can be created directly using the TCP control connection between the VPN server and client. When the VPN tunnel is established, PPTP supports two types of information flow:
1. Control messages for managing and eventually breaking down the VPN connection. These messages are passed directly between the VPN client and the server.
2. Data packets are passed to or from the VPN client through the tunnel.
Remote Desktop Protocol (RDP) of Remote Access Service (RAS)
Remote Desktop Protocol (RDP) is a multi-channel protocol that allows a user to connect to a system over separate virtual channels used for carrying presentation data, serial device communication, and highly encrypted information. This protocol is designed to provide remote display and input capabilities through network connections for Windows-based applications running on a server. RDP is mainly used for connectivity purposes because it offers a platform to extend capabilities. This is because RDP provides several thousands of channels for data transmission. It is also designed to support many different types of network topologies, such as ISDN, and LAN protocols such as IPX and NetBIOS.