[an error occurred while processing this directive]


MCSE Help : 70-059 -  Internetworking TCP/IP with Microsoft Windows NT 4.0. (Part 2)
Richard Adams guides us through the second half of examination no 70-059: Internetworking TCP/IP with Microsoft Windows NT 4.0

Welcome to the second instalment of our analysis of the MCSE exam number 70-059 - Internetworking TCP/IP with Microsoft Windows NT 4.0. Last month we looked at the Planning and Installation, and Configuration sections. This month we complete the exam by reviewing the Connectivity, Monitoring and Optimisation, and Troubleshooting sections.

The Connectivity Section

What to Revise

TCP/IP Applications, SNMP, RAS, Unix Connectivity, Browsing, PPTP, WINS Static Entries, NetBIOS Scope.

Watch For:

1. TCP/IP Applications

There is a host (no pun intended) of TCP/IP applications. Although you aren’t required to know detailed information on them all, the information in the following table could come up in the exam.

Application Information
Data Transfer  
FTP Bi-directional file transfer
TFTP As above but connectionless
RCP (Remote Copy) Copies files to/from a Unix host
Remote Execution  
Telnet Provides terminal emulation to a Telnet server
RSH (Remote Shell) Runs commands on a Unix host
REXEC Runs a process remotely
LPD Print service
LPR Prints to an LPD print service
LPQ Queries queue status of an LPD print service


SNMP stands for Simple Network Management Protocol and is primarily used for remotely gathering statistics from TCP/IP devices such as routers and gateways. Windows NT comes with an SNMP client service. This allows a third party SNMP management utility to query the NT machine remotely over a TCP/IP internetwork. The information that can be queried is held in MIBs (Management Information Bases). NT 4.0 supports the following MIBs:

Name Description
Internet MIB II Defined by an RFC, this MIB contains general information for fault or configuration analysis
LAN Manager MIB II Statistical, share, user, session and logon information
DHCP MIB Monitoring of DHCP server activity
WINS MIB Monitoring of WINS server activity

The SNMP service must be installed and NT restarted for SNMP client functionality to be made available. The NT Server Resource Kit includes a command line-based utility called SNMPUTIL which can be used to query the SNMP MIBs.

The SNMP service can be configured to work in one or more communities. A community is a group defined to allow administrative jurisdictional areas. For security, you can also specify the IP addresses of hosts whose SNMP commands you wish this SNMP client to respond to.

When the SNMP service is installed, the TCP/IP objects and counters are added to Performance Monitor. As with the majority of NT services, the current service pack should be re-applied after adding or removing the SNMP service.

3. RAS

When configuring a RAS server to act as a dial-up router to the Internet, leave the default gateway blank, otherwise it will override the setting given by the ISP. You should also make a change in the registry to prevent the RAS server from changing the destination IP address of the client to that of the RAS server. The entry to add is HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RasArp\Parameters\DisableOtherSrcPacket, which should be set to a value of 0.

4. Unix Connectivity

You will be asked scenario-based questions about how to get Unix and Windows servers and clients to talk to each other over a TCP/IP internetwork. Remember that you either have to resolve name resolution issues by using HOSTS files or by using a DNS server. You can automate host name resolution by configuring the DNS server to query your WINS server.

If you are using DHCP, remember to exclude any IP addresses used by non-DHCP clients such as Unix hosts from the scope or scopes.

If you are using WINS, you can set up a WINS proxy agent to assist non-WINS clients to resolve names and you can set up static entries in the WINS database for WINS clients to be able to resolve names of non-WINS clients.

5. Browsing

You are likely to get scenario-based questions for configuring LMHOSTS files for multi-domain browsing over multiple subnets. Refer to last month’s issue, in the Domain Functions over Multiple Subnets of my article for details on how to configure LMHOSTS.


Point to Point Tunnelling Protocol is used as a secure mechanism for sending packets through a TCP/IP network. Because it first establishes a secure, TCP/IP connection using CHAP and 40-bit encryption, not only is the data secure but it can also be transferred using IPX/SPX, NetBEUI or TCP/IP through the tunnel.

PPTP is most commonly used as a secure dial-up mechanism over the Internet from a roaming or home user to the corporate RAS server. NT’s RAS service can be configured for PPTP filtering, which means that only PPTP packets are accepted over the RAS connection.

PPTP works with PSTN, ISDN or X.25 hardware.

7. WINS Static Entries

You can add several types of static entry to a WINS server:

Entry Name Purpose
Unique Used for hosts with a single NIC (network interface card)
Multihomed Used for hosts with multiple NICs, such as routers
Group Used for multicast groups
Internet Group Used for all hosts with an 0x20 service
Domain Name Used for defining domain controllers of a given domain

8. NetBIOS Scope

The NetBIOS scope is used to group computers in the Network Neighbourhood browse lists. Computers in a scope can see only computers in the same scope. A scope name is configured from the WINS Address tab of TCP/IP Properties.

The Monitoring and Optimisation Section

What to Revise:

Network Monitor
TCP/IP Utilities

Watch For:

1.Network Monitor

Network Monitor is used to capture frames across the network. It is installed as a separate service from Control Panel, Network. Network Monitor comprises two components – tools, which we interface with to stop, start, view and analyse captures and agent, which works with the NIC to perform the capture. You can install either tools and agent or agent only. The Network Monitor tools can work with an agent installed on the local machine or any other Windows NT computer. There is also an agent available for Windows 95/98. The version of Network Monitor that comes with Windows NT is limited to capturing only broadcast frames and frames either to or from the computer where the agent is installed. There is a full version of Network Monitor that comes with Microsoft SMS (Systems Management Server) that will capture all frames on the network, regardless of their origination or destination. Familiarise yourself with how to stop, start and view captures and, in particular, the functionality of the filter options.

2. TCP/IP Diagnostics Utilities

As with TCP/IP applications, familiarise yourself with the basic functionality and common switches of the following utilities:

Utility Name Description
PING Verifies TCP/IP connectivity between hosts
IPCONFIG Verifies local IP configuration
Finger Retrieves basic system information from a remote host
NSLOOKUP Queries a DNS server
HOSTNAME Returns the local host name
NETSTAT Displays TCP/IP statistics
NBTSTAT Displays NetBIOS over TCP/IP statistics including the name cache
ROUTE Displays and modifies the local routing table
TRACERT Verifies the route to a specified host over an internetwork
ARP Displays and modifies the ARP cache

The Troubleshooting Section

What to Revise:

Name Resolution
Using PING
WINS Proxy Agent

Watch For:

1.Name Resolution

If connectivity on the network fails, you should first of all determine if it is a name resolution issue. If so, is it a host name resolution issue or a NetBIOS name resolution issue? To discover this, try connecting to the remote host using both a host name (eg PING hostname) and a NetBIOS name (eg NET USE J: . The one that fails is the one with the problem.

Check to see if other clients can connect to the server using that name resolution method. If they can, then it is likely to be a problem with the client, if not it could be a problem either with the server, a name resolution service or the underlying network.

On the client, check the local IP Address details to make sure that they are correct, paying special attention to the WINS and DNS server settings. If you are not using WINS or DNS, check that the remote host is either on the same subnet as the client or that the client has an entry for the remote host in its HOSTS or LMHOSTS file in <systemroot>\system32\drivers\etc. If there is an entry for the remote host, check that the IP address and name have been entered correctly and check that there isn’t another entry for the same name elsewhere in the file. If there is not an entry, add one. The higher up the list you add the entry, the faster the search will be for resolving that remote host’s IP address.

2. Using PING

PING stands for Packet INternet Groper and it is used to check for connectivity between two TCP/IP hosts. PING is most commonly used using the command-line utility of the same name. At the prompt simply type PING followed by a space then either the host name or the IP address of the remote host and press return. The local host will now send four ICMP (Internet Control Message Protocol) Echo Request packets to the remote host. If the host receives the Echo Requests, it will send four ICMP Echo Reply packets back to the local host. This process will be displayed to the user along with a TTL (time to live) for the packets. One or more successful replies indicates that connectivity exists between the local and remote host. (Less than four successful replies indicates intermittent problems on the network).

If you attempt to PING a remote host using its host name and do not get a reply, try PINGing it using its IP address. If this attempt succeeds where the first attempt failed, this indicates a host name resolution issue.


IPCONFIG is used at the command line to show details of the local host’s IP addressing configuration. This can be used to verify addressing details whilst troubleshooting. Whilst this information can also be viewed from the TCP/IP Properties dialogue box for a statically configured host, if the local host is a DHCP client, the TCP/IP Properties dialogue box will be blank.

IPCONFIG comes with some switches that can be used to enhance its functionality.

Switch Functionality
IPCONFIG Returns IP address, subnet mask and default gateway parameters for the first NIC only
IPCONFIG /ALL Provides more detailed IP addressing information about all NICs installed on the host, including WINS and DNS settings
IPCONFIG /RELEASE For DHCP clients, releases the current IP address lease back to the DHCP server
IPCONFIG /RENEW For DHCP clients, renews the current IP address lease from the DHCP server. If there is no current IP address lease, or the request for renewal fails, a request for a new IP address will be sent

4. WINS Proxy Agent

If you have non-WINS hosts such as Unix workstations on a multiple-subnet TCP/IP network where not all subnets have a WINS server present locally, you will need to configure a WINS Proxy Agent (a WINS client set to pick up name resolution request broadcasts and pass them on as directed messages to the WINS server). You will require one WINS Proxy Agent for each subnet that does not have its own local WINS Server. (If you do have multiple WINS servers, you will of course need to configure replication between them.)

This concludes the two-part review of the Internetworking TCP/IP with Windows NT 4.0 examination. Remember to concentrate on subnetting for this exam as you are likely to be asked more questions about this than about anything else. Next month we will begin a run-down of our second elective exam – Implementing Exchange Server 5.5, which not only is a very popular and useful elective to choose in its own right, but is also an excellent stepping stone to understanding Windows 2000, as several of the fundamental concepts are the same.

Richard Adams is director of SkillShelf – an IP and Internet consultancy and training provider.

If you are still looking for help and good advice to pass this examination then the MCSE Rapid Review Guide to TCP/IP for Microsoft Windows NT 4.0 by Michael A. Pastore is a must for anyone studying towards this examination. Thisoffers an essential guide to:

Installing and configuring TCP/IP and its services on Windows NT 4.0
Understanding TCP/IP protocols and the related Windows NT utilities
Assigning IP addresses, using subnet masks, and configuring static and dynamic routing
Understanding address and name resolution
Connecting to heterogeneous environments
Monitoring and optimising TCP/IP performance on Windows NT
Answering users’ questions about TCP/IP.

This is just one study guide in the series from 29th Street Press. This series offers guidance in the form of a manageable book that helps candidates monitor their own progress toward the elusive MCSE qualification. These guides present only the details that you really need to know. It includes frequent review questions, hands-on activities, vocabulary checklists and troubleshooting summaries to measure your improvement.

To order now call Duke Communications on tel: 0161 929 2800