Information Technology Reference
In-Depth Information
To enable access to the entire LAN, use
"EnableRoute"=dword:1
To specify the use of a DHCP server, use
"UseDHCPAddressing"=dword:1
To specify the start and end range of a static IP address pool, use
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\...
...Parameters\IP\StaticAddressPool\
<PoolNumber>
]
"From"=dword:
<StartAddress>
"To"=dword:<EndAddress>
Replace
StartAddress
and
EndAddress
with the appropriate values in hexadecimal nota-
tion. Do not enter the IP address in dotted decimal notation, such as
192.168.2.50
; use
its hexadecimal equivalent, which would be
C0A80232
.
■
Note
There are a number of online utilities to convert IP addresses between dotted decimal and hexadec-
imal notations. One example can be found at
http://www.subnetonline.com/subnet/subnet.html
.
How It Works
Your selections relating to IP routing will have important security implications, so you should
understand all concepts related to this topic. For example, you should consider carefully
whether you want your remotely connected users to access the entire LAN, or whether they
should be restricted to the remote access server, which could also contain the resources (data)
that they need.
It is helpful to also understand the DHCP process as it relates to remote access clients. If
you have configured your server to use DHCP to provide addresses, the server will automati-
cally request a block of ten addresses from the DHCP server and place them into its cache. This
is done in order to shorten the remote connection process. You can adjust the number of
addresses that are cached by modifying the following Registry value:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\IP\]
InitialAddressPoolSize=dword:
<SizeOfPool>
Replace
<SizeOfPool>
with the number of addresses that you want to request from the
DHCP server for caching purposes. The default value is
10
.
One other issue that you may encounter is support calls from remote users who think they
cannot access network resources even though they have established a connection. Many users
are accustomed to locating network resources by browsing through My Network Places or
Windows Explorer. However, unlike LAN-based clients, remote access clients do not receive
WINS, DNS, and other options directly from the DHCP server; they receive only an IP address
and a subnet mask, which may have been prefetched from the DHCP server (as was just described)
or may have been predefined in a static pool. WINS and DNS addresses, on the other hand, are
