1
00:00:01,040 --> 00:00:04,240
Remote Access and Network Policy Server.

2
00:00:04,240 --> 00:00:08,760
The Windows Server Remote Access role has been in the product since before there

3
00:00:08,760 --> 00:00:14,760
was Active Directory. I came into the industry about 1996 or so, Windows NT 4,

4
00:00:14,760 --> 00:00:20,370
and we had it back then as well. RAS, or as it used to be called RRAS, Routing

5
00:00:20,370 --> 00:00:24,800
and Remote Access Service. And in Windows Server 2022, it's still around, and it

6
00:00:24,800 --> 00:00:29,580
gives us the virtual private network, or VPN, capability, as well as

7
00:00:29,580 --> 00:00:31,370
DirectAccess functionality.

8
00:00:31,370 --> 00:00:36,010
Both of these are ways to allow remote workers a secure connection

9
00:00:36,010 --> 00:00:39,110
into your corporate, private network environment.

10
00:00:39,110 --> 00:00:42,730
The routing role service allows you to set up your Windows

11
00:00:42,730 --> 00:00:46,980
Server box as an honest‑to‑goodness IP router. Particularly, you

12
00:00:46,980 --> 00:00:50,580
can use Border Gateway Protocol, which is also called the

13
00:00:50,580 --> 00:00:52,400
routing protocol of the internet.

14
00:00:52,400 --> 00:00:57,770
This has particular import because BGP forms the foundation of the

15
00:00:57,770 --> 00:01:01,940
site‑to‑site virtual private network with Azure, and in particular,

16
00:01:01,940 --> 00:01:06,240
BGP supports dynamic route discovery and propagation.

17
00:01:06,240 --> 00:01:10,410
And again with Azure, it unlocks the possibility of active‑active

18
00:01:10,410 --> 00:01:14,810
tunnels, and redundant site‑to‑site VPN links, and so on.

19
00:01:14,810 --> 00:01:15,410
And lastly,

20
00:01:15,410 --> 00:01:20,160
we have the Web Application Proxy role service, and this is normally used in

21
00:01:20,160 --> 00:01:24,900
conjunction with Active Directory Federation Services, or AD FS. But more

22
00:01:24,900 --> 00:01:31,050
generally, Web Application Proxy allows you to expose a web application that's

23
00:01:31,050 --> 00:01:35,270
running, again, privately on your internal network with a private non‑internet

24
00:01:35,270 --> 00:01:39,980
routable IP and expose those for incoming connections from over the internet

25
00:01:39,980 --> 00:01:43,970
or, at the very least, from outside your Active Directory environment. We'll

26
00:01:43,970 --> 00:01:49,170
get more into the Web Application Proxy stuff in the next and final module of

27
00:01:49,170 --> 00:01:50,040
the course.

28
00:01:50,040 --> 00:01:53,530
In terms of Network Policy Server and Windows Server

29
00:01:53,530 --> 00:01:55,810
and how this relates to Azure,

30
00:01:55,810 --> 00:02:00,430
how it relates to hybrid cloud administration and the AZ‑800 exam,

31
00:02:00,430 --> 00:02:04,000
we need to understand RADIUS. And if you don't know, RADIUS is an

32
00:02:04,000 --> 00:02:07,210
industry standard network protocol. It stands for Remote

33
00:02:07,210 --> 00:02:09,740
Authentication Dial‑In User Service.

34
00:02:09,740 --> 00:02:13,880
And yes, I always get a kick at the dial‑in reference because I do

35
00:02:13,880 --> 00:02:18,050
date back far enough to where I set up remote access connections

36
00:02:18,050 --> 00:02:23,070
using analog modems connected to my Windows Server, RRAS Server

37
00:02:23,070 --> 00:02:25,390
endpoints. Wow! It's been a while, huh?

38
00:02:25,390 --> 00:02:28,280
Well now, fortunately we're not dealing with dial‑up, at

39
00:02:28,280 --> 00:02:30,420
least I hope you're not dealing with dial‑up.

40
00:02:30,420 --> 00:02:34,590
But anyway, RADIUS provides centralized authentication,

41
00:02:34,590 --> 00:02:37,440
authorization, and accounting for those remote connections.

42
00:02:37,440 --> 00:02:42,850
Yes, we can integrate RADIUS with 802.1X to do Wi‑Fi authentication.

43
00:02:42,850 --> 00:02:46,600
We can do port‑based authentication. But in this context, we're

44
00:02:46,600 --> 00:02:54,000
dealing with remote users who need to come into your corporate perimeter and access on‑premises servers.