The Cable Guy - Column Archives

By The Cable Guy

Enable Connectivity and End-to-End Solutions Using Windows Networking Technologies

2010

• August 2010 - Templates and Accounting Improvements for Network Policy Server (NPS) in Windows Server 2008 R2

  This article describes the new templates feature and local log file and SQL logging options in NPS.

• July 2010 - Connecting to Wireless Networks with Windows 7

  This article describes how to connect to 802.11 wireless networks and manage wireless network profiles with Windows 7.

• June 2010 - DirectAccess with Network Access Protection (NAP)

  This article describes how DirectAccess and NAP can be used together to enforce system health requirements before allowing a DirectAccess client access to the intranet.

• May 2010 - Changes to the DNS Client Service in Windows 7 and Windows Server 2008 R2

  This article describes the changes to the DNS Client service, including new name devolution behavior, the Name Resolution Policy Table (NRPT), and DNS Security (DNSSEC).

• April 2010 - Network Diagnostics and Tracing in Windows 7

  This article describes the new features and integrated support for network diagnostics and event tracing in Windows 7.

• March 2010 - DirectAccess and Network Location Detection

  This article describes name resolution and network location detection for DirectAccess clients and how to plan for network location detection in your network.

• February 2010 - The Name Resolution Policy Table

  This article from TechNet Magazine describes the Name Resolution Policy Table (NRPT) in the latest versions of Windows, how it works, and how to configure NRPT rules using Group Policy.

• January 2010 - End-to-End WAN Optimization with BranchCache

  This article from TechNet Magazine describes the operation and security of BranchCache, the new WAN optimization technology in the latest versions of Windows.

2009

• July 2009 - Support for IPv6 in Windows Server 2008 R2 and Windows 7

  This article from TechNet Magazine describes the new features of IPv6 in the latest versions of Windows, including HomeGroup, DirectAccess, and enhanced support for IPv6 transition technologies.

• June 2009 - NAP on the Internet

  This article from TechNet Magazine describes how you can use Network Access Protection (NAP) to evaluate and automatically correct system health on managed computers that are roaming on the Internet.

• May 2009 - DirectAccess and the Thin Edge Network

  This article from TechNet Magazine describes how DirectAccess uses a combination of technologies to provide seamless access to intranet resources and how it allows you to reduce the number of remote access-related servers in your edge network.

2008

• April 2008 - Troubleshooting NAP Enforcement

  This article from TechNet Magazine describes how Network Access Protection (NAP) health policy evaluation works and how to troubleshoot the most common issues with NAP enforcement.

• February 2008 - IEEE 802.1X Wired Authentication

  This article from TechNet Magazine describes how to configure IEEE 802.1X authentication settings on wired connections for computers running Windows Vista or Windows Server 2008.

• January 2008 - DNS Enhancements in Windows Server 2008

  This article from TechNet Magazine describes the new features of the Domain Name System (DNS) Server service in Windows Server 2008.

2007

• December 2007 - Network Policy Server

  This article from TechNet Magazine describes the features and enhancements to Network Policy Server (NPS) in Windows Server 2008, the replacement for the Internet Authentication Service (IAS) in Windows Server 2003.

• November 2007 - Wireless Single Sign-On

  This article from TechNet Magazine describes how Wireless Single Sign On in Windows Vista provides a more seamless logon for users and allows you to configure when to perform wireless network authentication to address domain logon issues and VLAN configurations.

• October 2007 - The Authenticated Internet Protocol

  This article from TechNet Magazine describes the details of the Authenticated Internet Protocol (AuthIP), an enhanced version of the Internet Key Exchange (IKE) protocol for Internet Protocol security (IPsec)-protected communication.

• September 2007 - Strong and Weak Host Models

  This article from TechNet Magazine describes how the strong and weak host models for multihomed hosts work for the Next Generation TCP/IP Stack in Windows Vista.

• August 2007 - IPv6 Autoconfiguration in Windows Vista

  This article from TechNet Magazine describes how Windows Vista performs stateful and stateless address autoconfiguration for LAN and Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) tunneling interfaces.

• July 2007 - IPv6 Traffic over VPN Connections

  This article from TechNet Magazine describes how IPv6 traffic can be sent over virtual private network (VPN) connections that are established across the IPv4 and IPv6 Internets using Windows Vista, Windows Server 2008, Windows XP, and Windows Server 2003.

• June 2007 - The Secure Socket Tunneling Protocol

  This article from TechNet Magazine describes how the Secure Socket Tunneling Protocol (SSTP) uses the HyperText Transfer Protocol (HTTP) over secure sockets layer (SSL) for remote access VPN connections across network address translators (NATs), firewalls, and proxy servers.

• May 2007 - EAPHost in Windows

  This article from TechNet Magazine describes the new architecture in Windows Vista and Windows Server 2008 to support Extensible Authentication Protocol (EAP) supplicants and authentication methods.

• April 2007 - Wireless Group Policy Settings for Windows Vista

  This article from TechNet Magazine describes the enhanced wireless Group Policy settings that are supported by wireless clients running Windows Vista or Windows Server 2008.

• March 2007 - The DHCPv6 Protocol

  This article from TechNet Magazine describes how Dynamic Host Configuration Protocol for IPv6 (DHCPv6) can provide IPv6 hosts with stateful addresses or stateless configuration settings.

• February 2007 - QoS Support in Windows

  This article from TechNet Magazine describes how Quality of Service (QoS) is supported in current and future versions of Microsoft Windows.

• January 2007 - TCP Receive Window Auto-Tuning

  This article from TechNet Magazine describes how Windows Vista uses TCP Receive Window Auto-Tuning to optimize TCP throughput for received data.

2006

• December 2006 - IPv6 over Point-to-Point Protocol Links

  This article describes how IPv6 packets are sent over Point-to-Point Protocol (PPP) links and the IPv6 Control Protocol (IPV6CP), which configures IPv6 options during the PPP connection negotiation.

• November 2006 - Link-Local Multicast Name Resolution

  This article describes how the new Link-Local Multicast Name Resolution (LLMNR) protocol in Windows Vista provides name resolution for computer names on a subnet without a Domain Name System (DNS) server.

• October 2006 - Explicit Congestion Notification (ECN) in TCP/IP

  This article describes how ECN helps prevent packet losses on congested networks and how ECN is supported in Windows Vista.

• September 2006 - Network Location Types in Windows Vista

  This article describes the new network location types in Windows Vista and the default security settings for each type (Domain, Private, and Public).

• August 2006 - AuthIP in Windows Vista

  This article describes the Authenticated Internet Protocol (AuthIP) in Windows Vista, an enhanced version of the Internet Key Exchange (IKE) protocol that provides simplified IPsec policy configuration and additional authentication flexibility.

• July 2006 - Network Diagnostics Framework in Windows Vista

  This article describes the new Network Diagnostics Framework in Windows Vista that diagnoses and corrects network connectivity problems.

• June 2006 - Microsoft Windows Server 2003 Scalable Networking Pack Overview

  This article describes how the Windows Server 2003 Scalable Networking Pack helps you scale your networking applications and services.

• May 2006 - Configuring IPv6 with Windows Vista

  This article describes how to configure Internet Protocol version 6 (IPv6) settings with Microsoft Windows Vista.

• April 2006 - Connecting to Wireless Networks with Windows Vista

  This article describes the improvements for connecting to an IEEE 802.11 wireless network with Windows Vista.

• March 2006 - Policy-based QoS Architecture in Windows Server 2008 and Windows Vista

  This article describes the architecture of the new Policy-based Quality of Service (QoS) feature in Windows Vista and Windows Server 2008 and how it marks or throttles outgoing traffic.

• February 2006 - Source and Destination Address Selection for IPv6

  This article describes the IPv6 source and destination address selection algorithms and provides an example of their use.

• January 2006 - The New Windows Firewall in Windows Vista and Windows Server 2008

  This article describes the features of the new Windows Firewall in Windows Vista and Windows Server 2008.

2005

• December 2005 - Windows TCP/IP Ephemeral, Reserved, and Blocked Port Behavior

  This article describes the various types of Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports that are available to Windows Sockets applications and their ranges for Windows XP and Windows Server 2003.

• November 2005 - Performance Enhancements in the Next Generation TCP/IP Stack

  This article describes the performance enhancements of the Next Generation TCP/IP stack, which include Receive Window Auto-Tuning, enhancements for wireless traffic, and improved routing path detection and recovery.

• October 2005 - Changes to IPv6 in Windows Vista and Windows Server 2008

  This article describes the new features for IPv6 and the Teredo IPv6 transition technology in the Next Generation TCP/IP stack.

• September 2005 - Next Generation TCP/IP Stack in Windows Vista and Windows Server 2008

  This article describes the Next Generation TCP/IP stack, which is a complete redesign of TCP/IP functionality for both Internet Protocol version 4 (IPv4) and IPv6 in Windows Vista and Windows Server 2008.

• August 2005 - Wi-Fi Protected Access 2 Data Encryption and Integrity

  This article describes the details of the Wi-Fi Protected Access 2 (WPA2) implementation of the Advanced Encryption Standard (AES) Counter Mode Cipher Block Chaining-Message Authentication Code (CBC-MAC) protocol (CCMP) for encryption, decryption, and data integrity validation of 802.11 wireless frames.

• July 2005 - Network Access Protection Platform Overview

  This article describes the Network Access Protection (NAP) platform for Windows Server 2008 and Windows Vista, which provides components and an infrastructure to enforce compliance with computer health requirements for network access and communication.

• June 2005 - TCP/IP Packet Processing Paths

  This article describes the basic architecture of the TCP/IP protocol for IP version 4, the additional components that process packets, and the packet processing path for unicast traffic sent, received, and forwarded by Windows-based computers.

• May 2005 - Wi-Fi Protected Access 2 (WPA2) Overview

  The Wi-Fi Protected Access 2 (WPA2)/Wireless Provisioning Services Information Element (WPS IE) Update for Windows XP with Service Pack 2 is a free download that updates the wireless client components in Windows XP with Service Pack 2 to support WPA2. This article describes the features of WPA2 security and WPA2 support included with the update.

• April 2005 - Windows XP and Windows Server 2003 Behavior When Connected to Both Wired and Wireless Networks

  This article describes how computers running Windows XP or Windows Server 2003 behave when they have simultaneous connectivity to both wired and wireless networks.

• March 2005 - Troubleshooting IPv6

  This article describes the tasks and tools to gather information and test networking components when troubleshooting an arbitrary problem with IPv6 in Windows.

• February 2005 - IPsec Filter Ordering

  This article describes the IPsec filter list, which is the end result of applying an IPsec policy. The IPsec filter list specifies the exact set of interesting IP traffic and how the traffic is to be handled (permitted, blocked, or secured) and is ordered based on a weight value calculated by the IPsec Policy Agent component.

• January 2005 - Testing Network Paths for Common Types of Traffic

  This article lists a set of tools that you can use to test network paths for specific types of traffic and describes how to use the tools for the most common types of traffic that are dropped by firewalls installed in a Windows networking infrastructure.

2004

• December 2004 - New Networking Features in Microsoft Windows Server 2003 Service Pack 1

  This article describes the new networking features and enhancements that are included in Windows Server 2003 Service Pack 1 to support server services and operations.

• November 2004 - Wi-Fi Protected Access Data Encryption and Integrity

  This article describes the details of Temporal Key Integrity Protocol (TKIP) and Michael in the Wi-Fi Protected Access (WPA) standard for encryption, decryption, and data integrity validation of 802.11 wireless frames.

• October 2004 - Problems with Using Network Address Translators

  This article discusses the pitfalls of network address translators (NATs) when using multiparty applications, peer-to-peer applications, and Internet Protocol security (IPsec) NAT-Traversal (NAT-T).

• September 2004 - Introduction to Mobile IPv6

  This article explains the basics of Mobile IPv6 and how it allows an IPv6 node to remain reachable regardless of its location on an IPv6 network.

• August 2004 - Wireless LAN Enhancements in Windows XP Service Pack 2

  This article reviews the enhancements included in Windows XP Service Pack 2 (SP2) to support Institute of Electrical and Electronic Engineers (IEEE) 802.11-based wireless local area networks (LANs).

• July 2004 - Path Maximum Transmission Unit (PMTU) Black Hole Routers

  PMTU black hole routers can cause problems for TCP connections by silently dropping packets that cannot be fragmented. This article describes how to detect and work around PMTU black hole routers.

• June 2004 - The New Wireless Network Setup Wizard in Windows XP Service Pack 2

  The Wireless Network Setup Wizard in Windows XP with Service Pack 2 automates the configuration of strong security for small wireless networks by using a Universal Serial Bus (USB) flash drive (UFD). Once created, you can plug the UFD into other wireless devices in the home or small office that support Windows Connect Now.

• May 2004 - Network Determination Behavior for Network-Related Group Policy Settings

  The networking components of Windows XP and Windows Server 2003 must determine whether or not the computer is attached to a managed network containing the domain controllers of the domain to which the computer belongs or another network in order to correctly apply a set of network-related Group Policy settings, such as Windows Firewall settings.

• April 2004 - Configuring Routing and Remote Access for RADIUS Authentication and Accounting

  The Routing and Remote Access service in Windows Server 2003 supports both Windows and Remote Authentication Dial-In User Service (RADIUS) authentication and accounting providers. This article describes how to configure the Routing and Remote Access service for the RADIUS authentication and accounting providers and how to configure the Internet Authentication Service (IAS) for a RADIUS client corresponding to a Routing and Remote Access server.

• March 2004 - Local Server-Less DNS Name Resolution for IPv6

  Local Server-Less Domain Name System (LSLDNS), also known as multicast DNS, is a new capability in the IPv6 protocol included with Windows CE version 4.1 and later that allows nodes to resolve each other's names on a network segment without using DNS servers.

• February 2004 - Windows Firewall in Windows XP Service Pack 2

  Windows XP SP2 includes the new Windows Firewall, which replaces the Internet Connection Firewall (ICF). This article describes the new dialog boxes for Windows Firewall and describes what can be configured on each dialog box.

• January 2004 - New Networking Features in Microsoft Windows XP Service Pack 2

  Windows XP Service Pack 2 includes new networking features to provide enhanced security and additional functionality for wireless users and peer-to-peer network applications. They are: the new Windows Firewall, Wireless Provisioning Services, Windows Peer-to-Peer Networking, and updates to IPv6.

2003

• December 2003 - Wireless Provisioning Services Overview

  Wireless Provisioning Services (WPS) is designed to simplify, automate, and standardize initial sign-up and subscription renewal so that the user does not have to perform a different set of steps for each wireless provider to which they want to connect. This article describes the infrastructure and process when a wireless client initially connects to a public wireless hotspot that is providing access to the Internet.

• November 2003 - Windows Peer-to-Peer Networking

  Peer-to-peer networking enables or enhances real-time communications (RTC), collaboration, content distribution, and distributed processing. To address the need for platform-based peer-to-peer networking capabilities, Microsoft has developed and released Windows Peer-to-Peer Networking for Windows XP with SP2 and for Windows XP with Service Pack 1 (SP1) with the Advanced Networking Pack for Windows XP, a free download.

• October 2003 - Split Tunneling for Concurrent Access to the Internet and an Intranet

  When a Windows-based VPN client makes a VPN connection, it automatically adds a new default route for the VPN connection and modifies the existing default route that points to the Internet to have a higher metric. Adding the new default route means that Internet locations except the IP address of the VPN server are not reachable for the duration of the VPN connection. This article describes how to configure split tunneling, so that both intranet and Internet locations are simultaneously reachable.

• September 2003 - Default Gateway Behavior for Windows TCP/IP

  Learn how to configure the setting for one or multiple default gateways. The default gateway setting, which creates the default route in the IP routing table, is a critical part of the configuration of a TCP/IP host. Without a default gateway, communication with remote destination is not possible unless additional routes are added to the IP routing table.

• August 2003 - IP Address Assignment and the Routing and Remote Access Service

  This article describes the IP address assignment behavior of the Routing and Remote Access service when the remote access client is configured to obtain an IP address automatically, when the remote access policies for remote access connections are configured to allow the remote access server to supply an address, and when the dial-in properties of the user account are not configured to use a static IP address.

• July 2003 - Configuring Wireless Settings Using Windows Server 2003 Group Policy

  To automate the configuration of wireless network settings for Windows XP with SP2, Windows XP with SP1, and Windows Server 2003 wireless client computers, Windows Server 2003 Active Directory domains support a new Wireless Network (IEEE 802.11) Policies Group Policy extension. This new extension allows you to configure wireless network settings that are part of Computer Configuration Group Policy for a domain-based Group Policy object.

• June 2003 - The Reliable Multicast Protocol Component of Windows Server 2003

  In order to use the Pragmatic General Multicast (PGM) on computers running Windows Server 2003, you must add the Reliable Multicast Protocol component and create PGM-enabled applications.

• May 2003 - Configuring Access to Services Behind a Network Address Translator (NAT)

  A NAT forwards traffic from the Internet to the private network if a specific mapping exists in the NAT's translation table. However, this behavior creates a connectivity problem when you want to make private network resources available to Internet clients. Learn how to resolve this issue by allowing traffic for services located behind the NAT computer.

• April 2003 - IPv6 Features in the Advanced Networking Pack for Windows XP

  Windows Peer-to-Peer Networking is a developer platform (which runs exclusively over IPv6) that you can use to create peer-to-peer applications for computers running Windows XP. The enhancements to IPv6 included in the Advanced Networking Pack for Windows XP include: IPv6 Internet Connection Firewall (ICF) and Teredo. Learn more about these features and how they work.

• March 2003 - Wi-Fi Protected Access (WPA) Overview

  To provide an interim solution to the remaining issues of IEEE 802.11 security and Wired Equivalent Privacy (WEP) encryption, a new interoperable standard known as Wi-Fi Protected Access (WPA) is being made available now from wireless vendors. This article describes the security features of WPA and the changes that need to be made to wireless equipment and wireless client software, including Windows, to support WPA.

• February 2003 - Network Access Quarantine Control

  A remote access computer can typically access private network resources even when its configuration does not comply with organization network policy. For example, network policies might require the use of an antivirus programs or the disabling of routing on remote access clients. This article describes Windows Server 2003 Network Access Quarantine Control, a new feature that delays normal remote access to a private network until the configuration of the remote access computer has been examined and validated by an administrator-provided script.

• January 2003 - PPTP Traffic Analysis

  The Point-to-Point Tunneling Protocol (PPTP) is widely used for virtual private network (VPN) connections. This article describes the PPTP control connection and PPTP tunneled data and includes discussions of firewall configuration, Network Address Translator (NAT) editors, and the PPTP connection establishment, maintenance, and termination processes.

2002

• December 2002 - Microsoft 802.1X Authentication Client

  Microsoft 802.1X Authentication Client is a free download that enables computers running Windows 2000 with Service Pack 3 to use IEEE 802.1X to authenticate network connections (including wireless). This article describes how to install and configure Microsoft 802.1X Authentication Client and obtain certificates. Microsoft 802.1X Authentication Client is included with Windows 2000 Service Pack 4 (SP4).

• November 2002 - Windows XP Wireless Auto Configuration

  Windows XP Wireless Auto Configuration dynamically connects to wireless networks based on the set of available networks and the set of configured preferred networks. This article describes Wireless Auto Configuration, its user interface, and how it works to automatically connect your wireless computer to the most preferred wireless network.

• October 2002 - Understanding the IPv6 Routing Table

  Learn about the IPv6 routing table: its structure, the types of entries, and how the route determination process works. Additionally, this article describes an example routing configuration, example IPv6 routing tables, and how the IPv6 protocol determines the next-hop address and interface for various destinations.

• September 2002 - Manual Configuration for IPv6

  In a few cases, an IPv6 host running Windows Vista, Windows XP, or Windows Server 2003 must be manually configured with IPv6 addresses or to act as routers. This article describes how to manually configure IPv6.

• August 2002 - IPsec NAT Traversal Overview

  This article examines the problems associated with using IPsec across NATs, how these problems are solved by IPsec NAT-T, and the resulting changes in the Internet Key Exchange (IKE) negotiation for Quick Mode and Main Mode.

• July 2002 - PEAP with MS-CHAP Version 2 for Secure Password-based Wireless Access

  Secure wireless access for small businesses is obtained through the use of Protected EAP (PEAP) with the Microsoft Challenge-Handshake Authentication Protocol version 2 (MS-CHAP v2) EAP type (known as PEAP with MS-CHAP v2), supported by Windows XP with SP2, Windows XP with SP1, Windows Server 2003, and Windows 2000 SP4.

• June 2002 - IKE Negotiation for IPsec Security Associations

  To ensure successful and secure communication for IPsec, the Internet Key Exchange (IKE) protocol performs a two-phase negotiation. For the IPsec implementation in Windows 2000 and Windows XP, the two phases are Main Mode and Quick Mode.

• May 2002 - Microsoft L2TP/IPsec VPN Client

  Microsoft L2TP/IPsec VPN Client supports the use of either certificates or pre-shared keys for IPsec main mode authentication.

• April 2002 - IEEE 802.1X Authentication for Wireless and Wired Connections

  Learn how Windows supports IEEE 802.1X authentication for LAN-based network adapters, including Ethernet and wireless.

• March 2002 - IEEE 802.11b Wireless Networking Overview

  Learn about the basic components of wireless networking and how Windows XP provides built-in support for IEEE 802.11b.

• February 2002 - Overview of IP Multicast

  Windows 2000 supports IP multicast. IP multicast traffic is sent to a single destination IP address but is received and processed by multiple IP hosts, regardless of their location on an IP internetwork.

• January 2002 - How the Windows XP Network Bridge Works

  Transparently combine multiple LAN segments to form a single network segment using Windows XP's Layer 2 and Layer 3 bridging.

2001

• December 2001 - Understanding the IP Routing Table

  When an IP packet is forwarded, the IP routing table is used to determine the next-hop address and interface.

• November 2001 - Managing Windows 2000 Networking Components with Netsh

  Use the Netsh command-line and scripting utility to configure Windows 2000 networking components on the local computer or remote computers.

• October 2001 - Demand-Dial Routing and Router-to-Router VPNs in Windows 2000

  Learn how to deploy demand-dial routing for the router-to-router VPN connection.

• September 2001 - Managed Remote Access with the Connection Manager Components of Windows 2000

  Connection Manager (CM) is the solution for issues associated with configuring dial-up or VPN connections for an enterprise and for outsourced dial configurations.

• August 2001 - Layer Two Tunneling Protocol in Windows 2000

  Secure your connection using the L2TP protocol with IPsec encryption.

• June 2001 - Configuring the Routing and Remote Access Service in Windows 2000

  Simplify remote access, virtual private network, or routing configuration by using the Routing and Remote Access Server Setup Wizard in Windows 2000 Server.

• May 2001 - Exploring Peer-to-Peer IPsec in Windows 2000

  Protect traffic between computers (using IPsec policy) and learn how to use IPsec for port blocking.

• April 2001 - DNS Dynamic Update in Windows 2000

  The solution to keeping DNS current in a DHCP environment is DNS dynamic updates.

• March 2001 - Windows 2000 Network Address Translator (NAT)

  Leverage the use of a single connection to the Internet for multiple computers, using NAT.

• January 2001 - Planning and Installing a Windows 2000 Remote Access VPN Server

  Take steps to plan and set up a remote access VPN server so that individual computers can connect to your organization's intranet.

2000

• December 2000 - Quick Look at DNS Namespace Planning

  Take a quick look at how to design a DNS namespace.