Understanding Demand-Dial Routing

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Understanding demand-dial routing

While the concept of demand-dial routing is fairly simple, configuration of demand-dial routing is relatively complex. This complexity is due to the following factors:

  • Connection endpoint addressing

    The connection must be made over public data networks, such as the analog phone system. The endpoint of the connection must be identified by a phone number or other endpoint identifier.

  • Authentication and authorization of the caller

    Anyone calling the server running Routing and Remote Access must be authenticated and authorized. Authentication is based on the caller's set of credentials that are passed during the connection establishment process. The credentials that are passed must correspond to a user account. Authorization is granted based on the dial-in permission of the user account and remote access policies. For more information, see Introduction to remote access policies.

  • Differentiation between remote access clients and routers

    Both routing and remote access services coexist on the same server running Routing and Remote Access. Both remote access clients and routers can call the same phone number. The server running Routing and Remote Access that answers the call must be able to distinguish a remote access client from a router that is calling to create a demand-dial connection. To differentiate a remote access client from a demand-dial router, the user name in the authentication credentials sent by the calling router must exactly match the name of a demand-dial interface on the answering router. Otherwise, the incoming connection is assumed to be a remote access connection.

  • Configuration of both ends of the connection

    Both ends of the connection must be configured even if only one end of the connection is initiating a demand-dial connection. Configuring only one side of the connection means that packets are successfully routed only in one direction. Normal communication requires that information travel in both directions.

  • Configuration of static routes

    You should not use dynamic routing protocols over temporary dial-up demand-dial connections. Therefore, routes for network IDs that are available across the demand-dial interface must be added to the routing table as static routes. You can accomplish this manually or by using auto-static updates.

For more information, see:

For information about designing and deploying demand-dial routing, see Setting Up Demand-Dial Routing.