Before you start
Objectives: learn where and how to configure Dial-up and direct connections in XP.
Prerequisites: no prerequisites
Key terms: connection, dial-up, connect, authentication, server, multilink, direct, user, callback, modem, protocol
With Dial-up networks we are actually dialing into a host computer and joining other network. In corporate environments typically we are dialing into the services of a Remote Access Server (RAS). This allows us to join and participate as a member, or a node of that particular network. We can also use Dial-up to connect to the Internet. In this case, we will dial-up and join as a node on the Internet, but this time through our Internet service provider (ISP).
Types of Modems
There are two types of modems that we will normally use for Dial-up. The first one is our standard modem which gives us a connection speed of 56K. The second type is ISDN modem. This type of modem has three channels of operations. We have two channels that are called ‘B channels’, and the speed on those channels is 64K each. They can be used independent of each other, and they are associated with separate phone numbers. We can use one channel for voice communication and other for data transfer. The third channel, called D channel, is a 16K channel. It is used to control the B channels. We can also consolidate both of those B channels to increase the bandwidth of our connection.
When we dial in, we need to authenticate ourselves. Authentication process requires that we enter our username and password. In Windows XP, there are a lot of ways to protect authentication information. Windows utilizes several different protocols, like Extensible Authentication Protocol (EAP), Microsoft version of Challenge Handshake Authentication Protocol (MS-CHAP, version 1 and 2), Shiva Password Authentication Protocol (SPAP), and Password Authentication Protocol (PAP). The PAP is unencrypted, so it is not normally used.
When the user is authenticated, we have other options that we can use. If we are using Windows 2000 or 2003 server, we can use the Callback feature. If we enable this option, the client will make an initial connection, then the server will disconnect the connection, and then it will immediately call back the client to re-establish the connection. Callback can work in two modes. We can use a preset number for callback, which is a security feature. If somebody calls in and authenticates as a particular user, the server will look at that user’s account, and use a preset number for Callback. If somebody is trying to act as an imposter, the connection will be lost to them, because the server will call the preset number for the original user. The second option that we can use for callback is set by the user itself. When the user authenticates, the server will ask for a phone number to use for Callback. This is more an issue of who pays the bill for the telephone charges, not necessarily a security issue.
Another feature that we can use with Dial-up connections is a MultiLink. MultiLink is the ability to connect multiple connections into one logical connection. The idea behind MultiLink is to increase the overall bandwidth. 56K is really slow connection, or when talking about ISDN, the 64K is also not really fast. With MultiLink we can use two 56K modems, or use two ISDN channels to create one logical connection, and double the overall capacity. In order to do that, both the client and the server have to be configured to allow a MultiLink connection. We can not use Callback with MultiLink.
Example Dial-up Configuration
Let’s configure a Dial-up connection to connect to the Internet. We will go to the Control Panel, and open Network Connections.
Image 240.1 – Network Connections
On the left menu, in Network Tasks section, let’s click on the ‘Create a new connection’ option. The following wizard appears.
Image 240.2 – New Connection Wizard
We will click ‘Next >’, and choose the ‘Connect to the Internet’ option.
Image 240.3 – Connect to the Internet Option
We will click ‘Next >’, and choose ‘Set up my connection manually’ option.
Image 240.4 – Set up my connection manually Option
We will click ‘Next >’, and choose ‘Connect using a dial-up modem’ option.
Image 240.5 – Dial-up modem Option
We will click ‘Next >’, and enter a name for our connection.
Image 240.6 – Connection Name
We will click ‘Next >’, and enter a phone number that our ISP gave us.
Image 240.7 – Phone Number
We will click ‘Next >’, and enter a username, password, and again password to confirm it. We will leave the default options checked.
Image 240.8 – Credentials
On the next windows we can click ‘Finish’ to create our connection.
Multilink and Direct Connections
Using MultiLink, two or more physical modems are used simultaneously to establish a single logical connection. We can configure a single connection to use MultiLink with the bandwidth allocation protocol to dynamically dial and drop connections. To create a MultiLink, first we have to install two or more modems. Next, we have to create a dial-up connection that uses both modems. By default, our connection will use both modems, but we could dial only the first available device, if we want to. We can dial devices only as needed. For example, we can configure it to dial a separate line when the traffic on the first line reaches 80% of the bandwidth and lasts for 20 seconds, and to drop the second line when the traffic falls below 40% and lasts longer then one minute.
We can also communicate with other computers using a Direct Connection. A Direct Connection uses a direct link between the two devices, such as a cable attached to the serial or parallel port, or communication through infrared device. We can connect directly to another computer using, for example, a direct parallel link, or we can configure an incoming connection so other users can connect to our computer.
To connect directly to another computer, go to the Control Panel > Network Connections > and start the New Connection Wizard. Select the ‘Set up an advanced connection’ option, and click ‘Next’.
Image 240.10 – Advanced Connection
Select ‘Connect directly to another computer’ option, and click ‘Next’.
Image 240.11 – Connect Directly
In this example, our computer will access information on the Host computer, so we will select the ‘Guest’ option. On the next window we have to enter the name of the connection.
Image 240.12 – Guest Option
Image 240.13 – Connection Name
In this example we will use a parallel port for communication.
Image 240.14 – Device Selection
Click ‘Next’, and select ‘Finish’. To connect to another computer using a direct connection, we have to provide a user name and a password.
Image 240.15 – Credentials
On the other hand, if we want to allow others to access data on our computer, we can create an Incoming Connection. To configure an Incoming Connection, we can simply use our computer as a ‘Host’.
Image 240.16 – Host Option
If we configure our computer as a Host, we have to select which users can connect to our computer.
Image 240.17 – Allowed Users
Notice that this way we can use only one device that will accept incoming connections. To add more devices, go to the New Connection Wizard, select the ‘Set up an advanced connection’ option. Next, select the ‘Accept incoming connections’ option. This way we can select multiple devices that will accept incoming connections.
Image 240.18 – Multiple Devices
We can also enable Virtual Private Network connections (VPN) this way. We will not do that now.
Image 240.19 – VPN Options
Again, we have to select user which will be able to connect to our computer. Next, we need to select the LAN protocols and services that are used for the connection. We have to verify that the protocols we need are in the list.
Image 240.20 – Protocols
On the next window we can click ‘Finish’ to create an Incoming Connection.
More About Remote Authentication Protocols
- Password Authentication Protocol (PAP) – authentication is done by comparing a user name and password to a table with paired user names and passwords on the network. PAP does not support secure passwords.
- Challenge Handshake Authentication Protocol (CHAP) – server sends a challenge message to a peer. Based on the challenge message, the peer calculates a value using a hash, a number generated algorithmically from a string of text, and returns the value to the server. The server checks the value against its own calculation. If the values match, the peer is authenticated. Microsoft has two versions of CHAP: MS-CHAP and MS-CHAP v2. CHAP, MS-CHAP, and MS-CHAP v2 require secure passwords, but only MS-CHAP and MS-CHAP v2 support data encryption.
- Extensible Authentication Protocol (EAP) – EAP supports several authentication methods, including smart cards, certificates, one-time passwords, and public key authentication. EAP supports secure passwords and data encryption.
When configuring Dial-up connection, we have to have a dial-up modem installed. We also have to have valid user credentials in order to dial in to remote server. Using Dial-up connection we can also connect to the Internet trough ISP. When using MultiLink, two or more physical modems are used simultaneously to establish a single logical connection. We can create direct connections which can be used to access other computers or to allow access to our own computer using, for example, Serial, Parallel or Infrared port.
Paths that are mentioned in this article
- Control Panel > Network Connections – location which displays all network connections which are currently configured