Remote Access Server |
The architecture of the remote access server consists of the following elements, as illustrated in Figure 7.7:
Figure 7.7 Remote Access Architecture in Windows 2000
Connections are established by remote access clients that call the RAS programming interface, which in turn uses TAPI to pass call connection information to the dial-up equipment. Once the physical connection is made, TAPI is no longer used and additional remote access components negotiate the connection with link, authentication, and network control protocols by communicating directly with NDISWAN.
Once a remote access connection is established, protocol drivers can communicate over that connection using standard NDIS calls like NdisSend(). NdisSend() calls for dial-up connections are forwarded to NDISWAN, which then determines the appropriate device and port, performs compression and encryption, provides PPP framing, and then forwards the completed frame to the WAN miniport driver. The WAN miniport driver then forwards the frame to the dial-up adapter.
All inbound remote access client connections, initiated by remote access clients to the remote access server, are represented as a single adapter called the RAS server interface. For each outbound remote access client connection, initiated by the remote access server, a separate interface is created.
To accept calls, the remote access server instructs each WAN miniport driver to indicate when it goes into a line-up state. When the call is placed, the WAN miniport driver passes the line-up state indicator up through NDISWAN to the TAPI components. TAPI returns a call handle to NDISWAN to be used to refer to the physical connection, and then NDISWAN and the remote access components negotiate the rest of the remote access connection.