Remote Access Service

The Windows NT Workstation and Windows NT Server RAS connects remote or mobile workers to corporate networks. Optimized for client/server computing, RAS is implemented primarily as a software solution, and is available on all Microsoft operating systems.

To understand the RAS architecture, it is important to make the distinction between RAS and remote-control solutions, such as Cubix and pcANYWHERE. RAS is a software-based, multiprotocol router, while remote-control solutions work by sharing screen, keyboard, and mouse control over a WAN connection. In a remote-control solution, users share a CPU or multiple CPUs on the server. In contrast, a computer running Windows NT RAS server is dedicated to communications, not to running applications.

Point-to-Point Protocol

The Windows NT operating system supports the Point-to-Point Protocol (PPP) in RAS. PPP is a set of industry-standard framing and authentication protocols. PPP negotiates configuration parameters for multiple layers of the OSI model.

PPP support in Windows NT 3.5 and later (and Windows 95) means that computers running Windows can dial into remote networks through any server that complies with the PPP standard. PPP compliance enables a Windows NT Server to receive calls from other vendors' remote-access software and to provide network access to them.

The PPP architecture also enables clients to load any combination of IPX, TCP/IP, and NetBEUI. Applications written to the Windows Sockets, NetBIOS, or IPX interfaces can now be run on a remote computer running Windows NT Workstation. The following figure illustrates the PPP architecture of RAS.

Figure 1.25 Point-to-Point Protocol

RAS Connection Sequence

The RAS connection sequence is key to understanding PPP. When a client connects to a remote computer, PPP negotiation begins.

When the PPP connection sequence is successfully completed, the remote client and RAS server can begin to transfer data using any supported protocol, such as Windows Sockets, RPC, or NetBIOS. The following illustration shows where the PPP protocol is on the OSI model.

Figure 1.26 PPP within the OSI model

If a remote client is configured to use the NetBIOS Gateway or Serial Line Internet Protocol (SLIP), this sequence is invalid.

Point-to-Point Tunneling Protocol

Point-to-Point Tunneling Protocol (PPTP) is a new networking technology that supports multiprotocol virtual private networks (VPNs). PPTP enables remote users to securely access corporate networks across the Internet. This eliminates the need for corporations to invest in communications lines, such as ISDN, between corporate sites.

If you select PPTP filtering, you effectively disable the selected network adapter for all other protocols. Only PPTP packets will be allowed in. A typical scenario in which you might use this is with a computer that is multihomed and that has one network adapter (with PPTP filtering enabled) connected to the Internet and another network adapter connected to the internal corporate network. Clients outside the corporate network can use PPTP to connect to this machine from across the Internet and thus gain secure access to the corporate network.
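The effect of PPTP filtering on the Internet-facing adapter, sketched as an added example (not from the original page and not Windows NT's own filter code). It assumes PPTP's standard wire identifiers from RFC 2637, which the page does not list: TCP port 1723 for the control connection and IP protocol 47 (enhanced GRE, version 1, protocol type 0x880B) for tunneled data. The names `pptp_filter`, `ipv4` and `SAMPLES` are hypothetical, and dropping later fragments is a conservative choice made for this sketch.

```python
import struct

PPTP_CONTROL_PORT = 1723  # TCP control channel (RFC 2637); not stated on the page
IPPROTO_TCP, IPPROTO_GRE = 6, 47
GRE_PROTO_PPP = 0x880B    # protocol type of the enhanced GRE header PPTP uses

def pptp_filter(packet: bytes) -> tuple:
    """Return (allowed, reason) for one inbound IPv4 packet (hypothetical helper)."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return False, "not a complete IPv4 header"
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        return False, "bad IPv4 header length"
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        # Later fragments carry no transport header to inspect, so drop them.
        return False, "non-initial fragment"
    proto, payload = packet[9], packet[ihl:]
    if proto == IPPROTO_TCP:
        if len(payload) < 4:
            return False, "truncated TCP header"
        dport = struct.unpack("!H", payload[2:4])[0]
        if dport == PPTP_CONTROL_PORT:
            return True, "PPTP control channel"
        return False, f"TCP port {dport}"
    if proto == IPPROTO_GRE:
        if len(payload) < 4:
            return False, "truncated GRE header"
        flags_ver, ptype = struct.unpack("!HH", payload[:4])
        if flags_ver & 0x0007 == 1 and ptype == GRE_PROTO_PPP:
            return True, "PPTP data tunnel"
        return False, "GRE that is not PPTP"
    return False, f"IP protocol {proto}"

def ipv4(proto: int, payload: bytes, frag: int = 0) -> bytes:
    """Build a constructed sample packet (documentation addresses, zero checksum)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, frag, 64,
                       proto, 0, bytes([203, 0, 113, 5]), bytes([192, 0, 2, 10])) + payload

# Constructed samples, not captured traffic.
SAMPLES = {
    "pptp-control": ipv4(6, struct.pack("!HH", 40000, 1723) + bytes(16)),
    "http": ipv4(6, struct.pack("!HH", 40000, 80) + bytes(16)),
    "pptp-gre": ipv4(47, struct.pack("!HH", 0x3001, 0x880B) + bytes(8)),
    "plain-gre": ipv4(47, struct.pack("!HH", 0x0000, 0x0800)),
    "icmp": ipv4(1, bytes(8)),
    "fragment": ipv4(6, bytes(20), frag=0x00B9),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:13}", *pptp_filter(pkt))
```

Everything except the PPTP control connection and its GRE tunnel is rejected, which is why the filtered adapter is unusable for any other service, including ICMP diagnostics.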

For more information about working with Windows NT on the Internet, see the Microsoft Windows NT Server 4.0 Internet Guide.

NetBIOS Gateway

Windows NT continues to support NetBIOS gateways, the architecture used in previous versions of the Windows NT operating system and LAN Manager. Remote users connect using NetBEUI, and the RAS server translates packets to IPX or TCP/IP, if necessary. This enables users to share network resources in a multiprotocol LAN, but prevents them from running applications that rely on IPX or TCP/IP on the client. The NetBIOS gateway is used by default when remote clients use NetBEUI. The following illustration shows the NetBIOS gateway architecture of RAS.

Figure 1.27 NetBIOS gateway architecture of RAS

An example of the NetBIOS gateway capability is remote network access for Lotus Notes users. While Lotus Notes does offer dial-up connectivity, dial-up is limited to the Notes application. RAS complements this connectivity by providing a low-cost, high-performance, remote-network connection for Notes users, which connects Notes and offers file and print services with access to other network resources.

Serial Line Internet Protocol

SLIP is an older communications standard found in UNIX environments. SLIP does not provide the automatic negotiation of network configuration and encrypted authentication that PPP can provide. SLIP requires user intervention. Windows NT RAS can be configured as a SLIP client, enabling users to dial into an existing SLIP server. RAS does not provide a SLIP server in Windows NT Server.

For more information about RAS issues, see the Rasphone.hlp online Help file on the Windows NT distribution disks (or, if RAS has been installed, see systemroot\System32).