by MS
q Disconnect When Connection May No Longer Be Needed Specifies whether Windows Vista disconnects when a user quits all Internet programs that would otherwise use the connection.
Click OK three times when you are finished.
Tip
If users complain about getting disconnected during dial-up sessions, the Disconnect settings can be the problem. Talk with the users about how they use the Internet and then determine whether you should change the settings to better meet their needs. Another reason for disconnection is if the Idle Time Before Hanging Up option is used with redialing settings.
Configuring Redialing Options
With dial-up connections, you can set dialing options that enable connections to be automatically redialed when lines are busy and when the connection is dropped. To configure redialing options, follow these steps:
Click Start and then click Control Panel. In Control Panel, click Network And Internet.
In Network And Internet, click Internet Options. In the Internet Properties dialog box, click the Connections tab.
Select the connection you want to configure in the Dial-Up And Virtual Private Network Settings list box and then click Settings.
In the Settings dialog box, click Properties. This displays a properties dialog box.
Click the Options tab. Use the following settings in the Redialing Options panel to configure redialing:
q Redial Attempts Sets the number of times to redial the phone number automatically. To disable redialing, enter 0 as the redial value.
q Time Between Redial Attempts Sets the time to wait before redial attempts. The available values are 1 second, 3 seconds, 5 seconds, 10 seconds, 30 seconds, 1 minute, 2 minutes, 5 minutes, and 10 minutes.
q Idle Time Before Hanging Up Specifies whether Windows Vista disconnects the phone line when the connection hasn't been actively used for a specified time. The available values are Never (the standard default), 1 minute, 5 minutes, 10 minutes, 30 minutes, 1 hour, 2 hours, 4 hours, 8 hours, and 24 hours.
q Redial If Line Is Dropped Specifies whether Windows Vista attempts to redial the connection if the line is dropped. With connections to the workplace, this option is usually cleared by default. In most cases, however, you'll want to select it.
Click OK three times.
Setting a Connection to Use Dialing Rules
Dial-up connections can be configured with or without dialing rules. If you don't use dialing rules with a connection, the seven-digit phone number assigned to the connection is dialed at all times. When you assign dialing rules, the current dialing location determines whether the connection is attempted as a local or long-distance phone call.
To view or set the dialing rules for a connection, follow these steps:
Click Start and then click Control Panel. In Control Panel, click Network And Internet.
In Network And Internet, click Internet Options. In the Internet Properties dialog box, click the Connections tab.
Select the connection you want to configure in the Dial-Up And Virtual Private Network Settings list box and then click Settings.
In the Settings dialog box, click Properties. This displays a properties dialog box.
To ensure the connection uses the appropriate dialog rules, on the General tab, select Use Dialing Rules and then type an area code and select a country/region code.
If you don't want to use dialing rules, clear the Use Dialing Rules check box.
Click OK three times.
Configuring Primary and Alternate Phone Numbers
With dial-up connections, you can configure two types of phone numbers: the primary number to dial whenever a connection is attempted, and alternate phone numbers to try if a primary number fails. To configure phone numbers, follow these steps:
Click Start and then click Control Panel. In Control Panel, click Network And Internet.
In Network And Internet, click Internet Options. In the Internet Properties dialog box, click the Connections tab.
Select the connection you want to configure in the Dial-Up And Virtual Private Network Settings list box and then click Settings.
In the Settings dialog box, click Properties. This displays a properties dialog box.
The primary phone number is listed in the Phone Number text box. Type a new number as necessary.
Click Alternates. This displays the Alternate Phone Numbers dialog box. You can now manage primary and alternate phone numbers using the following techniques:
q To add a phone number, click Add to display the Add Alternate Phone Number dialog box. Next enter the seven-digit number used to dial the alternate number locally in the Phone Number text box. You can use a dash if desired, such as 555-1234. If you want to set dialing rules, select Use Dialing Rules and then type an area code and select a country/region code. Click OK.
q To change the order in which numbers are dialed, select a number and then use the up or down arrow to change its position in the Phone Numbers list. The top number in the list becomes the primary number.
q To edit existing numbers, select the number in the Phone Numbers list and then click Edit. Then use the Edit Alternate Phone Number dialog box to change the number settings.
q To remove a number, select the number in the Phone Numbers list and then click Delete.
If you want to automatically use alternate numbers, select If Number Fails, Try Next Number. You can also move a successful number to the top of the list (making it the primary number) if Windows Vista is able to successfully dial it after a previous number fails. To do this, select Move Successful Number To Top Of List.
Click OK four times.
Configuring Identity Validation
Proper identity validation is essential to maintaining the integrity of your network. When users dial in to the office, you should ensure that identities are validated securely if at all possible. This isn't the default setting for standard dial-up connections, however. With most connections, the user's logon information for connections can be validated using the following options:
Allow Unsecured Password Allows the user logon information to be passed in clear text over the connection.
Require Secured Password Forces Windows Vista to attempt to pass logon information using a secure technique, such as MSCHAP Version 2 or Challenge Handshake Authentication Protocol (CHAP), rather than clear text. You can also configure connections to use Extensible Authentication Protocol (EAP).
Use Smart Card Tells Windows Vista to validate the logon using a smart card.
With dial-up and broadband connections, you can use any of these options. With VPN, you can only use the secure techniques. When you require a secured password, you can also automatically pass the Windows logon name, password, and domain specified in the configuration. Passing the Windows logon information automatically is useful when users connect to the office and must be authenticated in the Windows domain. With both secure validation techniques, you can require data encryption and force Windows Vista to disconnect if encryption cannot be used. Data encryption is automatically used with Windows Authentication for both secured passwords and smart cards.
To configure identity validation, follow these steps:
Click Start and then click Control Panel. In Control Panel, click Network And Internet.
In Network And Internet, click Internet Options. In the Internet Properties dialog box, click the Connections tab.
Select the connection you want to configure in the Dial-Up And Virtual Private Network Settings list box and then click Settings.
In the Settings dialog box, click Properties. This displays a properties dialog box.
Click the Security tab.
In the Security Options panel, you can select Typical (Recommended Settings) or Advanced (Custom Settings). The Typical options are Allow Unsecured Password, Require Secure Password, and Use Smart Card.
If you require secure passwords, you can also set automatic logon and require data encryption. Both options are useful when logging on to a
Windows domain. The settings must be supported, however; if they aren't, users won't be able to validate their logons and connections won't be completed.
If you use smart cards, you should also require data encryption. Data encryption is essential to ensuring the integrity and security of the data passed between the originating computer and the authenticating computer. If you select Require Data Encryption and the connection is not secured with encryption, the client computer will drop the connection.
Click OK three times.
Note
By default, all connections to a Microsoft Routing And Remote Access Server use PPTP Version 2 to encrypt the data channel. Although a PPP connection to a third party remote access server may use CHAP for authentication, the server might need to be specially configured to encrypt the data channel.
Configuring Networking Protocols and Components
The way in which networking protocols and components are configured depends on the type of connection. As Table 13-1 describes, dial-up connections can use either Point-to-Point Protocol (PPP) or Serial Line Internet Protocol (SLIP) as the connection protocol. Broadband connections use Point-to-Point Protocol over Ethernet (PPPoE). VPN connection use either PPTP or L2TP.
Table 13-1: Connection Protocol Availability by Connection Type
Connection Type
Connection Protocol
Description
Dial-up
PPP
Used to establish connections to Windows servers over dial-up.
Dial-up
SLIP
Used to establish connections to UNIX servers over dial-up; available if you've installed third-party software.
Broadband
PPPoE
Used to establish a point-to-point broadband connection over Ethernet.
VPN
Automatic
Used to automatically detect which VPN protocol is available and establish a virtual tunnel using this protocol.
VPN
PPTP VPN
Sets the PPTP for VPN. PPTP is an extension of PPP.
VPN
L2TP IPSec VPN
Sets the L2TP for VPN. L2TP uses IPSec to enhance security.
Four network components are used with mobile networking: Transmission Control Protocol/Internet Protocol (TCP/IP), QoS Packet Scheduler, File And Printer Sharing For Microsoft Networks, and Client For Microsoft Networks. As Table 13-2 shows, the way these components are configured by default depends on the type of connection that was created originally. You can change these settings to suit your needs. If necessary, you can also install additional networking components.
Table 13-2: Default Component Configuration by Connection Type
Dial-Up Component
Description
Broadband
Standard Dial-Up
Dial-Up to Office
VPN
Transmission Control Protocol/Internet Protocol (TCP/IP)
Required for network communications. By default, Dynamic Host Configuration Protocol (DHCP) is used with connections unless overridden in the property settings.
Y
Y
Y
Y
QoS Packet Scheduler
Manages quality of service for packets and packet scheduling according to priority.
Y
Y
Y
Y
File And Printer Sharing For Microsoft Networks
Enables the sharing of printers and files over the network connection; allows for mapping printers and drives.
N
N
N
Y
Client For Microsoft Networks
Enables Windows Authentication and Windows domain; enables the computer to act as domain client.
N
N
Y
Y
To view or change the networking options for a connection, follow these steps:
Click Start and then click Control Panel. In Control Panel, click Network And Internet.
In Network And Internet, click Internet Options. In the Internet Properties dialog box, click the Connections tab.
Select the connection you want to configure in the Dial-Up And Virtual Private Network Settings list box and then click Settings.
In the Settings dialog box, click Properties. This displays a properties dialog box.
Click the Networking tab. You can now do the following:
q Configure the protocol used by the connection by using the Type Of Dial-Up Server I Am Calling list, Type of VPN list, or Type Of Broadband Connection To Make list, as appropriate.
q Enable network components by selecting the related check box in the This Connection Uses The Following Items list.
q Disable network components by clearing the related check box in the This Connection Uses The Following Items list.
Tip
If any of the network components shown in Table 13-2 are not available and are necessary for the connection, you can install them by clicking Install on the Networking tab. Afterward, select the component type, click Add, and then select the component to use in the list provided.
By default, connections use DHCP to configure network settings, including the IP address to use, subnet mask, default gateway, Domain Name System (DNS) servers, and Windows Internet Naming Service (WINS) servers. If you want to assign a static IP address or override other default settings, select Transmission Control Protocol/Internet Protocol (TCP/IP) and then click Properties. This displays the Transmission Control Protocol/Internet Protocol (TCP/IP) Properties dialog box, which can be configured as discussed in Chapter 12, "Configuring and Troubleshooting TCP/IP Networking."
Click OK three times.
Enabling and Disabling the Windows Firewall for Network Connections
With dial-up, broadband, and VPN connections, you might want to give the computer added protection against attacks by using the Windows Firewall. This built-in firewall protects Windows Vista systems by restricting the types of information that can be communicated. By enforcing the appropriate restrictions, you reduce the possibility that malicious individuals can break into a system—and reducing security risks is extremely important when users are accessing the organization's network from outside your protective firewalls and proxy servers.
The Windows Firewall is enabled by default for all connections and can be enabled or disabled on a per-connection basis. To enable or disable Windows Firewall on a perconnection basis, follow these steps:
Click Start and then click Control Panel. In Control Panel, click Security.
Click Windows Firewall. In the Windows Firewall dialog box, click Change Settings.
In the Windows Firewall Settings dialog box, click the Advanced tab.
Each network connection configured on the computer is listed in the Network Connection Settings panel. Clear the check box for a connection to disable Windows Firewall for that connection. Select the check box for a connection to enable Windows Firewall for that connection.
Click OK when you are finished.
Establishing Connections
As discussed in the "Configuring Automatic or Manual Connections" section of this chapter, dial-up, broadband, and VPN connections can be established manually or automatically. The manual method lets users choose when to connect. The automatic method connects when users start a program that requires network access, such as Internet Explorer.
Connecting with Dial-Up
Dial-up uses a telephone line to establish connections between two modems. To establish a dial-up connection, follow these steps:
Click Start and then click Connect To. In Connect To A Network, click the dialup connection you want to use and then click Connect.
Confirm that the user name is correct and enter the password for the account if it doesn't already appear.
To use the user name and password whenever you attempt to establish this connection, select Save This User Name And Password For The Following Users and then sele
ct Me Only.
To use the user name and password when any user attempts to establish this connection, select Save This User Name And Password For The Following Users and then select Anyone Who Uses This Computer. Don't use this option if you plan to distribute this connection through Group Policy because you don't want to give out your connection password.
The Dial drop-down list shows the number that will be dialed. The primary number is selected by default. To choose an alternate number, click the drop-down list and then select the number you want to use.
Click Dial. When the modem connects to the ISP or office network, you'll see a connection speed. The connection speed is negotiated on a per call basis and depends on the maximum speed of the calling modem and the modem being called, the compression algorithms available, and the quality of the connection.
If you have problems connecting with dial-up, use these tips to help you troubleshoot:
Problem: Modem dials and reaches the other modem but cannot connect. It continues to make connection noises until you cancel the operation.
Resolution: The phone lines are usually the source of the problem. Static or noise on the line can cause connection failures. Check your connections between the modem and the wall. Check with the phone company to see whether they can test the line and resolve the problem.
Problem: Modem dials and seems to connect; then the service provider or office network connection is dropped unexpectedly. The connection doesn't seem to complete successfully.
Resolution: Check your networking protocols and components as discussed in the "Configuring Networking Protocols and Components" section of this chapter. If this seems to be okay, determine whether you are passing Windows logon and domain information, because this might be required. See the "Configuring Connection Logon Information" section of this chapter.
Problem: Cannot access resources in the Windows domain.