As a freelance writer working from home, I depend on remote access. Thus, I was interested in the changes that Microsoft implemented for remote access in Windows 2000 Professional (Win2K Pro). My first impression was negative. Changes to the Win2K Pro dial-up user interface (UI), compared with the Windows NT 4.0 and Windows 98 interfaces, left me confused about where to find some functions. With experience, though, I've come to appreciate how the new design performs.
The New User Interface
For users, the major change to DUN in Win2K Pro is how you connect and log on. All of Win2K Pro's network connections (e.g., LAN, dial-up, Internet) are in the Network and Dial-Up Connections folder, which you access from Start, Settings, Network and Dial-Up Connections. This new location for network connections in Win2K Pro surprised me; I expected to find the DUN interface from Start, Programs, Accessories, as in NT 4.0.
To create a new network connection, double-click the Make New Connection icon in the Network and Dial-Up Connections folder. A Network Connection Wizard appears. Click Next to pass the welcome screen, and the wizard will present you with the network connection options that Screen 1, page 174, shows: Dial-up to private network, Dial-up to the Internet, Connect to a private network through the Internet, Accept incoming connections, and Connect directly to another computer. For a dial-up Internet connection, select Dial-up to the Internet, then click Next. In the NT 4.0 and Win98 versions of RAS and DUN, you need to install a modem before you can dial up the Internet, but in Win2K Pro, a wizard appears that will install a modem for you. The wizard offers to detect the modem or let you install it manually from a list of supported modems.
After you install the modem, the Internet Connection Wizard (ICW) appears on your screen. The ICW offers you three options. The first two options—Sign Up for a New Internet Account and Transfer Existing Internet Account to This Computer—use Microsoft's Internet Referral Service, which is a server that you use a toll-free number to reach. The Internet Referral Service maintains a nationwide database of ISPs. However, the database doesn't include any ISPs that are local to me. So, I set up the connection manually, which is the third option the ICW offers. I entered the ISP's dial-up phone number, my account name, and my password. The ICW offered to set up an Internet Mail account. By default, the ICW uses Microsoft Outlook Express, but Outlook 2000 was also an option because I had installed the program. Then, the ICW offered to connect to the Internet immediately.
Internet Connection Sharing
One of Win2K Pro's best new features is Internet Connection Sharing (ICS), which lets all computers on a LAN subnet share an Internet connection. However, ICS has some catches. ICS changes the network adapter address, an action that can cause major problems on a corporate LAN. You need to use ICS only in a home network or small-office environment. Administrators must set other ICS computers to acquire their IP addresses automatically. Technically, ICS provides a subset of Windows 2000 Server's (Win2K Server's) DHCP and DNS features. ICS establishes an address pool that other systems can access and hands out an IP address to each client that requests one. ICS then maps traffic that originates at the clients' IP addresses and passes through the single Internet connection on the system running ICS. As a result, all computers on the LAN subnet can transparently share one Internet connection.
To enable ICS on a connection, open Network and Dial-Up Connections, right-click the connection that you want to share, select Properties, and select the Sharing tab in the Properties dialog box. If the connection is dial-up, you'll see two check boxes: Enable ICS for the connection and Enable on-demand dialing. On-demand dialing, which is an option that doesn't appear on network connections, causes the system running ICS to dial the phone whenever a user wants to browse a Web page or make other use of the ICS connection (e.g., FTP, Telnet).
VPNs
Recent widespread acceptance of VPNs is revolutionary for remote users. In a VPN, you establish an Internet connection, then use an encrypted data stream to tunnel through the connection. The resulting connection is functionally identical to dialing in on a private line, though the connection goes through your ISP. By calling a local ISP number, you eliminate long-distance telephone charges and save your company money. You also eliminate the frustrating inability to get into your company's dial-up server because all the lines are busy.
In NT 4.0, Microsoft supports PPTP VPNs. PPTP encrypts data packets, puts a Point-to-Point Protocol (PPP) wrapper around them, and sends the packets to the PPTP server. The server unwraps and decrypts the packets, then puts them on the network. The difference between this approach and Win2K Pro's VPN support is the security mechanism the protocols use. PPTP uses the shared secret password approach that NT 4.0 uses. Win2K Pro offers an additional VPN option, Layer 2 Tunneling Protocol (L2TP), which works with IP Security (IPSec). L2TP and IPSec don't use shared secret passwords; instead, they use security certificates from Win2K Server's Kerberos security system. Security certificates are theoretically more secure than the security technology in PPTP, but security certificates don't work unless a Kerberos security host is available on the network.
Whichever VPN system you use, setting up the VPN connection from your Win2K Pro desktop is easy: Open Network and Dial-Up Connections, and double-click Make New Connection. Click Next to pass the welcome screen, select Connect to a private network through the Internet, and click Next. If you use a dial-up Internet connection, the system asks whether you want the computer to autodial to your ISP. This step is new in Win2K Pro and is easier than the NT 4.0 approach, which requires you to manually dial in to the Internet first. (Most users will like Win2K Pro's autodial refinement; a possible exception is a mobile user who uses different dial-up numbers in different locations.) Click Next, and the system asks for the VPN host's name or IP address, which you get from your network administrator. Then, you can choose whether the connection applies to you or to all system users. To finish setting up the connection, enter a name for the connection. To establish the connection, double-click its icon in Network and Dial-Up Connections.
Troubleshooting
DUN failures frequently indicate a modem problem. If your modem doesn't respond, turn it off and on, then dial again. In NT 4.0, you have to resort to some crude troubleshooting tools if that procedure doesn't eliminate the problem. If the documentation that came with your modem lists the commands that your modem responds to, Hilgraeve HyperTerminal can help you solve problems. However, a Win2K Pro enhancement helps you avoid the need for other troubleshooting tools. To use the enhancement, open the Control Panel Phone and Modem Options applet. In the dialog box, click the Modems tab, then select your modem and click Properties. On the resulting dialog box's Diagnostics tab, click Query Modem to run a diagnostic script that might identify the cause of your system's problem.
If your modem exchanges information with the remote system but can't log on, a problem might exist with the username, password, or domain you're using. You need to use the username and password of the remote system you're logging on to rather than the username and password of your local system. Some systems ignore the domain field; others require it to be blank.
Tips and Tricks
After you dial in, by default, Win2K Pro stays connected until the remote system hangs up, which might be expensive. To change the maximum connection time, right-click your connection's icon in Network and Dial-Up Connections, then select Properties. Select the Options tab, and specify the connection time in the Idle time before hanging up text box. I set my maximum connection time to 5 minutes.
Win2K Pro also has a command-line function for making dial-up connections, a tool that's useful when you write batch files. The command syntax is
rasdial "entry-name" "username" password
where entry-name is the connection's name, and username and password are the terms you use to log on to the remote system. The command accepts one switch, /disconnect, which ends a call. The following example illustrates a batch file that uses the dial-up command:
rasdial "ainet" "jruley" password net use S: \\server1\users\jruley xcopy E:\newscol\current S:\newscol\current net use S: /delete rasdial /disconnect
The computer automatically dials in to AiNET (my ISP), connects to a shared directory on server1, copies a local directory's contents to the server, disconnects from the shared directory, and logs off. You can also use the rasdial command-line syntax with Win2K Pro's command-line scheduler. For example, the following script will execute the batch file at midnight:
At 12:00am "backup.bat"
Win2K Pro's RAS and DUN implementation is powerful, and now that I've used it for a few months, I find the UI more intuitive than the NT 4.0 version. Most users will welcome the changes they find in Win2K Pro's remote-access capabilities.
