138 | Lesson 6 8. Select the Custom configuration radio button and click Next. 9. Select the LAN routing check box and click Next. 10. Click Finish for the summary screen. Now RRAS is configured and can be modified further depending on what network adapters and IP addresses the server has. By enabling LAN routing, the concept known as IP forwarding has been turned on, but only if the server has two or more network adapters. IP forwarding bridges the gap between the two network adapters even if they are on two different IP networks.

11. Be sure to save the MMC for use later on. You might also want to disable RRAS in

case you will be using other services that might conflict with it in the future. To do this, just right click the server in the MMC and select Disable. Defining IPsec Internet Protocol Security IPsec is a protocol within the TCPIP suite that encrypts and authenticates IP packets. It is designed to secure any application traffic because it resides on the network layer or Internet layer, as TCPIP programmers refer to it. This protocol is used in conjunction with virtual private networks and is an integral part of IPv6. There are three main protocols that IPsec uses to perform its necessary functions: • Security association SA: This generates the encryption and authentication keys that are used by IPsec. • Authentication header AH: This provides connectionless integrity and the authentication of data. It also provides protection versus replay attacks. • Encapsulating security payload ESP: This provides the same services as AH but also provides confidentiality when sending data. The particular IPsec protocol that is used is determined by the application utilizing IPsec. We will talk more about IPsec when we delve into VPNs in Lesson 8. If you get an error mes- sage saying “Class not registered 80040154” or “RPC server is not available,” try installing the role called Network Policy and Access Services. TAKE NOTE CERTIFICATION READY How would you define IPsec? 3.5 CERTIFICATION READY How would you identify and configure DNS? 3.4 Defining DNS The Domain Name System DNS is a worldwide service that resolves host names to IP addresses. This facilitates proper communication between computers. DNS servers commu- nicate with each other in a hierarchy in an effort to teach each other their name resolutions. DNS servers are also implemented in today’s LANs e.g., Microsoft domains, although DNS can be used on any operating system that runs TCPIP. The LAN DNS servers do the same thing as their Internet counterparts, just on a smaller scale although sometimes not so small. DNS servers use inbound port 53 to accept name resolution requests. Microsoft DNS servers run the DNS service, and clients can connect to and use that service as long as their IP properties pages are configured properly. ■ Defining Name Resolution Techniques Computers work best when communicating by IP address. However, humans work best when they communicate with words. Something has to give. Therein lies the purpose of name resolution. Names can be resolved or translated to IP address by services such as DNS and WINS. THE BOTTOM LINE