1 microsoft windows nt 4.0 authentication protocols password authentication protocol (pap) challenge...
TRANSCRIPT
![Page 1: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/1.jpg)
1
Microsoft Windows NT 4.0 Authentication Protocols
• Password Authentication Protocol (PAP)
• Challenge Handshake Authentication Protocol (CHAP)
• Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)
• Shiva Password Authentication Protocol (SPAP)
• Point-to-Point Tunneling Protocol (PPTP)
![Page 2: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/2.jpg)
2
Microsoft Windows 2000 Authentication Protocols
• Support the Windows NT 4.0 authentication protocols
• Extensible Authentication Protocol (EAP)
• Remote Authentication Dial-In User Service (RADIUS)
• Internet Protocol Security (IPSec)
• Layer Two Tunneling Protocol (L2TP)
• Bandwidth Allocation Protocol (BAP)
![Page 3: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/3.jpg)
3
Extensible Authentication Protocol (EAP)
• Is an extension to the Point-to-Point protocol (PPP)
• Works with dial-up, PPTP, and L2TP clients
• Allows arbitrary authentication mechanisms to validate a dial-in connection
• Supports authentication by using generic token cards, MD5-CHAP, and TLS
• Allows vendors to supply new client and server authentication modules
![Page 4: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/4.jpg)
4
Remote Authentication Dial-In User Service (RADIUS)
• RADIUS provides• Remote user authentication that is vendor-
independent.• Scaleable authentication designs for
performance.• Fault-tolerant designs for reliability.
• Windows 2000 can act as a RADIUS client or server.
![Page 5: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/5.jpg)
5
Windows 2000 Can Act as a RADIUS Client
• A RADIUS client• Is typically an ISP dial-up server• Receives authentication requests• Forwards the requests to a RADIUS server
• A Windows 2000 RADIUS client• Can also forward accounting information• Is configured on the remote access server’s
Securities tab
![Page 6: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/6.jpg)
6
Windows 2000 Can Act as a RADIUS Server
• A RADIUS server validates the RADIUS client request.
• Windows 2000 uses Internet Authentication Services (IAS) to perform authentication.
• IAS stores accounting information from RADIUS clients in log files.
• IAS is one of the optional components you can add.
![Page 7: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/7.jpg)
7
Internet Protocol Security (IPSec)
• Consists of a set of security protocols and cryptographic protection services
• Ensures secure private communications over IP networks
• Provides aggressive protection against private network and Internet attacks
• Negotiates a security association (SA) with clients that acts as a private key to encrypt the data flow
![Page 8: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/8.jpg)
8
Layer Two Tunneling Protocol
• Similar to PPTP
• Creates an encrypted tunnel
• Does not provide encryption
• Works with encryption technologies such as IPSec
![Page 9: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/9.jpg)
9
Differences Between L2TP and PPTP
• L2TP does not require an IP-based transit network.
• L2TP supports header compression.
• L2TP supports tunnel authentication.
• L2TP uses IPSec for encryption and PPTP uses PPP encryption.
![Page 10: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/10.jpg)
Bandwidth Allocation Protocol (BAP) and Bandwidth Allocation Control Protocol (BACP)
• Dynamically add or drop links on demand
• Are PPP control protocols
• Provide bandwidth on demand
10
![Page 11: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/11.jpg)
11
Allowing Inbound Dial-Up Connections
![Page 12: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/12.jpg)
12
Configuring Devices for Incoming Connections
![Page 13: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/13.jpg)
13
Allowing Virtual Private Connections
• Click Next on the Devices For Incoming Connections page.
• Select either to allow or not allow virtual private connections on the Incoming Virtual Private Connection page.
![Page 14: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/14.jpg)
14
Specifying Users and Callback Options
![Page 15: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/15.jpg)
15
Selecting Networking Components
• Choose the networking components to enable for incoming calls.
• Install additional networking components.
![Page 16: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/16.jpg)
16
Dial-Up Connections
![Page 17: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/17.jpg)
17
Connections to a Virtual Private Network (VPN)
• Create a VPN by using tunneling protocols such as PPTP or L2TP.
• Create secure connections across an untrusted network.
• Select Connect To A Private Network Through The Internet.
• Decide if you want to select Automatically Dial This Initial Connection.
• Enter the host name or IP address to which you are connecting.
• Specify who can use the connection.
![Page 18: 1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft](https://reader036.vdocuments.mx/reader036/viewer/2022082614/56649dc45503460f94ab7c4a/html5/thumbnails/18.jpg)
18
Direct Connection to Another Computer Through a Cable
• Select Connect Directly To Another Computer.
• Select whether your computer will be the host or the guest for the connection.
• Select the port that is connected to the other computer.
• Specify the users who can use this connection.
• Decide if you want a shortcut icon on your desktop.