1. What is the name of the Windows Server 2008 role you need to deploy to provide remote access services to clients? Explain why this service is important in a corporate environment.
There are two different things that I checked off for configuring the VPN but the role that actually allows the VPN to work is the Routing and Remote Access Services role.
2. What was the IP host range that was allocated for the remote VPN client pool?
The IP host range that was set up for the VPN had three IPs from 172.30.0.20 to 172.30.252
3. How many encryption settings are available from the remote access server? Which one is the best? Which one provides backward compatibility?
There were three different encryption settings. They are Basic Encryption (MPPE 40-bit), Strong Encryption (MPPE 56-bit), and Strongest encryption (MPPE 128-bit). The strongest is the MPPE 128-bit encryption but it is not backwards ...view middle of the document...
Why is it important to use strong encryption in both authentication and communication protocols? Explain.
It is important to have strong encryption in authentication and communication protocols because the information will be traveling over the public internet where it can be intercepted but with a strong encryption the people who have intercepted this information will not be able to read it or do anything with it.
6. Name the available authentication methods (protocols) available when configuring the VPN. Which authentication method is considered stronger? Why?
There were three available authentication protocols available. Microsoft Protected EAP (PEAP), Microsoft Encrypted Authentication Version 2 (MS-CHAPv2), and Microsoft Encrypted Authentication (MS-CHAP) are the available protocols. The Microsoft Encrypted Authentication Version 2 is considered the strongest because it uses encrypted data and it allows the passwords to be changed while the authentication is on going.
7. What other type of connections are supported by Microsoft Remote Access services in Server 2008?
The two types of connection that are supported by the Microsoft Remote Access services in Server 2008 are VPN and Dial-Up.
8. After connecting to the VPN server, which IP address from the pool was assigned to the client? Aside from the IPCONFIG command, how else can you verify IP settings on a windows workstation?
The IP address that was assigned to the host computer was 172.30.0.251. You can use IPCONFIG to find the IP address or you can also go into the control panel and type in adapter and then click the View network connections option, then click the details option and your IP address will be right next to the label IPv4.
9. How can you verify that the IPSec VPN tunnel is encrypting your IP data payload?
You can verify that the data is encrypted by capturing the packets sent with Wireshark and then analyzing these captured packets. On my capture and since I was using point-to-point encryption I was able to see that the packets were labeled with this encryption.
10. What kind of encryption was used for your remote access VPN connection between the remote access server and the client?
The encryption that was used for my remote connection was the Point-to-Point encryption.