Saturday, March 06, 2004
RAS Server registry settings
consist of 3 groups:
1. Global server settings
2. Per-line settings
3. User credential information
1 -- Global Server settings
---------------------------
Global RAS Server Registry settings are found under the key
HKLM\Comm\ppp\Server\Parms.
They specify settings that will be common to all connections.
Server IP Address Configuration
-------------------------------
The manner in which the RAS server allocates IP addresses for client connections can be configured by setting the following registry entries:
"UseDhcpAddresses" DWORD (default:0)
Set to 1 to have the RAS Server lease IP addresses from a DHCP server. Setting this to 1 will preclude the use of AutoIP or Static addressing described below.
"UseAutoIPAddresses" DWORD (default:1)
Note: Not supported in CE 4.0, added in 4.1.
Set to 1 to have the RAS server generate "random" IP addresses from the AutoIp pool.
"AutoIPSubnet" DWORD (default: 0xC0A80000 = 192.168.x.x)
"AutoIPSubnetMask" DWORD (default: 0xFFFF0000 = 255.255.0.0)
These 2 parameters define the subnet that "random" IP addresses will be generated from if UseAutoIPAddresses is enabled.
"StaticIpAddrStart" DWORD (default: 0xC0A8FE01 = 192.168.254.1)
"StaticIpAddrCount" DWORD (default: 254)
If neither Dhcp nor AutoIP is enabled, then the RAS server will use addresses from this pool, allocating the lowest address not currently in use by the RAS server when it needs to allocate an IP address
Server Misc Configuration
-------------------------
"AuthenticationMethods" DWORD (default: PAP, MD5-CHAP, MS-CHAP, MS-CHAPv2 allowed, EAP prohibited)
This value specifies which Authentication types are allowed. It is a bitmask of the following constants defined in sdk\inc\ras.h:
RASEO_ProhibitPAP
RASEO_ProhibitCHAP
RASEO_ProhibitMsCHAP
RASEO_ProhibitMsCHAP2
RASEO_ProhibitEAP
Setting it to 0 will allow all authentication types, setting it 0xFFFFFFFF will disable authentication.
Note that the WinCE EAP module does not currently support the authenticator role, so even if the RAS server is set to enable EAP clients will not be able to successfully connect using it.
"Flags" DWORD (default: 0)
This is a bitmask of the following option values:
0x01 - Requires data encryption on client connections
0x02 - Allows unauthenticated access to the server
0x04 - Prevents the use of VJ header compression
0x08 - Prevents the use of Data compression
Server Startup
--------------
"Enable" DWORD (default: 0)
This is the master server enable switch. Setting it to 1 causes the server to be enabled at system startup time.
"StartupDelaySeconds" DWORD (default: 20)
This specifies the number of seconds to wait at boot time before starting the RAS server.
This allows for other system components to complete initialization (e.g. networking adapters and DHCP)prior to initializing the RAS server.
2 -- Per-line settings
----------------------
These settings are used to specify which lines are to be used by the RAS server to listen for incoming
connections from clients, and to specify settings on an individual line basis.
These settings are found in the registry key
HKLM\Comm\ppp\Server\Line\\.
Available device names can be discovered using the RasEnumDevices API.
"Enable" DWORD (default 0)
Set this to 1 to enable incoming connections on the line
"DeviceType" SZ
This specifies the type of device, which is one of the "RASDT_xxx" values
from sdk\inc\ras.h:
"direct"
"modem"
"vpn"
"PPPoE"
"DeviceInfo" BINARY
This specifies device configuration information which is opaque to the RAS server. It is used to configure the device when it is being initialized to listen for incoming connections.
"Flags" DWORD (default: 0)
This value is identical to the Global Server Flags value. The flags in use for a particular line are determined by ORing together the global flags with the per-line flags.
3 -- User Credential Information
--------------------------------
Direct registry access to user credential information is not supported.
Use the RASCNTL_SERVER_USER_SET_CREDENTIALS and
RASCNTL_SERVER_USER_DELETE_CREDENTIALS IOCNTLs.
1. Global server settings
2. Per-line settings
3. User credential information
1 -- Global Server settings
---------------------------
Global RAS Server Registry settings are found under the key
HKLM\Comm\ppp\Server\Parms.
They specify settings that will be common to all connections.
Server IP Address Configuration
-------------------------------
The manner in which the RAS server allocates IP addresses for client connections can be configured by setting the following registry entries:
"UseDhcpAddresses" DWORD (default:0)
Set to 1 to have the RAS Server lease IP addresses from a DHCP server. Setting this to 1 will preclude the use of AutoIP or Static addressing described below.
"UseAutoIPAddresses" DWORD (default:1)
Note: Not supported in CE 4.0, added in 4.1.
Set to 1 to have the RAS server generate "random" IP addresses from the AutoIp pool.
"AutoIPSubnet" DWORD (default: 0xC0A80000 = 192.168.x.x)
"AutoIPSubnetMask" DWORD (default: 0xFFFF0000 = 255.255.0.0)
These 2 parameters define the subnet that "random" IP addresses will be generated from if UseAutoIPAddresses is enabled.
"StaticIpAddrStart" DWORD (default: 0xC0A8FE01 = 192.168.254.1)
"StaticIpAddrCount" DWORD (default: 254)
If neither Dhcp nor AutoIP is enabled, then the RAS server will use addresses from this pool, allocating the lowest address not currently in use by the RAS server when it needs to allocate an IP address
Server Misc Configuration
-------------------------
"AuthenticationMethods" DWORD (default: PAP, MD5-CHAP, MS-CHAP, MS-CHAPv2 allowed, EAP prohibited)
This value specifies which Authentication types are allowed. It is a bitmask of the following constants defined in sdk\inc\ras.h:
RASEO_ProhibitPAP
RASEO_ProhibitCHAP
RASEO_ProhibitMsCHAP
RASEO_ProhibitMsCHAP2
RASEO_ProhibitEAP
Setting it to 0 will allow all authentication types, setting it 0xFFFFFFFF will disable authentication.
Note that the WinCE EAP module does not currently support the authenticator role, so even if the RAS server is set to enable EAP clients will not be able to successfully connect using it.
"Flags" DWORD (default: 0)
This is a bitmask of the following option values:
0x01 - Requires data encryption on client connections
0x02 - Allows unauthenticated access to the server
0x04 - Prevents the use of VJ header compression
0x08 - Prevents the use of Data compression
Server Startup
--------------
"Enable" DWORD (default: 0)
This is the master server enable switch. Setting it to 1 causes the server to be enabled at system startup time.
"StartupDelaySeconds" DWORD (default: 20)
This specifies the number of seconds to wait at boot time before starting the RAS server.
This allows for other system components to complete initialization (e.g. networking adapters and DHCP)prior to initializing the RAS server.
2 -- Per-line settings
----------------------
These settings are used to specify which lines are to be used by the RAS server to listen for incoming
connections from clients, and to specify settings on an individual line basis.
These settings are found in the registry key
HKLM\Comm\ppp\Server\Line\
Available device names can be discovered using the RasEnumDevices API.
"Enable" DWORD (default 0)
Set this to 1 to enable incoming connections on the line
"DeviceType" SZ
This specifies the type of device, which is one of the "RASDT_xxx" values
from sdk\inc\ras.h:
"direct"
"modem"
"vpn"
"PPPoE"
"DeviceInfo" BINARY
This specifies device configuration information which is opaque to the RAS server. It is used to configure the device when it is being initialized to listen for incoming connections.
"Flags" DWORD (default: 0)
This value is identical to the Global Server Flags value. The flags in use for a particular line are determined by ORing together the global flags with the per-line flags.
3 -- User Credential Information
--------------------------------
Direct registry access to user credential information is not supported.
Use the RASCNTL_SERVER_USER_SET_CREDENTIALS and
RASCNTL_SERVER_USER_DELETE_CREDENTIALS IOCNTLs.
