Demand-dial Routing Example

  • Article

Applies To: Windows Server 2008, Windows Server 2008 R2

The following demand-dial routing design example illustrates how you can use demand-dial routing to connect remote networks with dial-up. The following illustration shows the configuration between two offices that want to use demand-dial IP routing.

The Seattle office has an RRAS server that functions as a remote access server and demand-dial router. All computers in the Seattle office are connected to the 172.16.1.0 network (subnet mask 255.255.255.0). The Seattle RRAS router (hereafter referred to as Router 1) has a modem connected to its COM1 port and the phone number of the modem is 555-0111.

The New York office has an RRAS server that functions as a remote access server and demand-dial router. All computers in the New York office are connected to the 172.16.2.0 network (subnet mask 255.255.255.0). The New York RRAS router (hereafter referred to as Router 2) has a modem connected to its COM2 port and the phone number of the modem is 555-0122.

The user on the computer with the IP address of 172.16.1.10 needs to be able to connect to the user on the computer with the IP address of 172.16.2.20 and vice versa.

Note

To configure demand-dial routing, use the Demand-Dial Interface wizard, and do not skip the Add a Static Route dialog box. For more information about adding a demand-dial interface, see Configure the Routing and Remote Access Service and Demand-Dial Interfaces in the RRAS Deployment Guide.

Configuring Router 1

The configuration for demand-dial routing on Router 1 consists of the following three steps:

  1. Creating a demand-dial interface

  2. Creating a static route

  3. Creating an account that Router 2 uses when calling Router 1

Creating a demand-dial interface

By using RRAS with the Demand-Dial Interface wizard, the administrator at Router 1 creates a demand-dial interface called DD_NewYork with the following configuration:

  • Equipment: Modem on COM1

  • Phone number: 555-0122

  • Protocols: TCP/IP

  • Authentication credentials: DD_Seattle with a password

Creating a static route

By using RRAS, the Demand-Dial Interface wizard will already have the name and destination of the static route with the following configuration:

  • Interface: DD_NewYork

  • Destination: 172.16.2.0

  • Network mask: 255.255.255.0

  • Metric: 1

Note

Because the demand-dial connection is a point-to-point connection, the gateway IP address is not configurable.

Creating an account that Router 2 uses when calling Router 1

By using Active Directory Users and Computers or Local Users and Groups, the administrator at Router 1 creates a user account with the following settings:

  • Account name: DD_NewYork with a password.

  • Account settings: Clear the User must change password at next logon check box, and then select the Password never expires check box.

The DD_NewYork account is granted dial-in permissions either by using the dial-in properties of the user account or by using remote access network policies. For more information, see Understanding Remote Access Network Policies in the RRAS Deployment Guide.

Configuring Router 2

The configuration for demand-dial routing on Router 2 consists of the following three steps:

  1. Creating a demand-dial interface

  2. Creating a static route

  3. Creating an account that Router 1 uses when calling Router 2

Creating a demand-dial interface

By using RRAS with the Demand-Dial Interface wizard, the administrator at Router 2 creates a demand-dial interface called DD_Seattle with the following configuration:

  • Equipment: Modem on COM2

  • Phone number: 555-0111

  • Protocols: TCP/IP

  • Authentication credentials: DD_NewYork with a password

Creating a static route

By using Routing and Remote Access, the Demand-Dial Interface wizard will already have the name and destination of the static route with the following configuration:

  • Interface: DD_Seattle

  • Destination: 172.16.1.0

  • Network mask: 255.255.255.0

  • Metric: 1

Note

Because the demand-dial connection is a point-to-point connection, the gateway IP address is not configurable.

Creating an account that Router 1 uses when calling Router 2

By using Active Directory Users and Computers or Local Users and Groups, the administrator at Router 2 creates a user account with the following settings:

  • Account name: DD_Seattle with a password.

  • Account settings: Clear the User must change password at next logon check box, and then select the Password never expires check box.

The DD_Seattle account is granted dial-in permissions either by using the dial-in properties of the user account or by using remote access network policies. For more information, see Understanding Remote Access Network Policies in the RRAS Deployment Guide.

The resulting configuration

The following illustration shows the demand-dial routing configuration in terms of the demand-dial interfaces, static routes, and user accounts for the routers for the Seattle and New York offices.

Note

For two-way initiated demand-dial routing to work properly, authentication credentials (such as user account name) for the demand-dial interface must be created on both servers running Routing and Remote Access. This example shows a proper configuration and is summarized in the following table. The user account must exactly match the name of the corresponding demand-dial interface. If it does not, then the connection is treated as a remote access client VPN connection instead of a site-to-site router connection.

Router Demand-dial interface name User account name

Router 1

DD_NewYork

DD_Seattle

Router 2

DD_Seattle

DD_NewYork

For more information about how the demand-dial connection process works for this example configuration, see The Demand-dial Connection Process in this guide.