PPTP-based on-demand branch office

  • Article

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

PPTP-based on-demand branch office

The Dallas branch office is a PPTP-based branch office that uses a router running Windows Server 2003, Standard Edition, to create an on-demand, router-to-router VPN connection with the corporate office router in New York as needed. When the connection is made and is idle for five minutes, the connection is terminated.

To deploy a PPTP, one-way initiated, on-demand, router-to-router VPN connection to the corporate office based on the settings configured in Common configuration for the VPN server and On-Demand Branch Office, the following settings are configured on the Dallas router.

Demand-dial interface for the connection to the ISP

To connect the Dallas office router to the Internet by using a local ISP, a demand-dial interface is created by using the Demand-Dial Interface Wizard with the following settings:

  • Interface name

    ISP

  • Connection type

    Connect using a modem, ISDN adapter, or other physical device is selected.

  • Select a device

    The appropriate ISDN device is selected.

  • Phone number or address

    Phone number of the ISP for the Dallas office.

  • Protocols and security

    The Route IP packets on this interface check box is selected.

  • Static Routes for Remote Networks

    Static route for Electronic, Inc. VPN server: To create the connection to the Dallas ISP when the router-to-router VPN connection needs to be made, the following static route is configured:

    • Interface: ISP

    • Destination: 207.209.68.1

    • Network mask: 255.255.255.255

    • Metric: 1

  • Dial-out credentials

    • User name: Dallas office ISP account name.

    • Password: Dallas office ISP account password.

    • Confirm password: Dallas office ISP account password.

For more information, see Add a demand-dial interface.

Demand-dial interface for router-to-router VPN connection

To connect the Dallas office router to the VPN server by using a router-to-router VPN connection over the Internet, a demand-dial interface is created by using the Demand-Dial Interface Wizard with the following settings:

  • Interface name

    CorpHQ

  • Connection type

    Connect using virtual private networking (VPN) is selected.

  • VPN type

    Point to Point Tunneling Protocol (PPTP) is selected.

  • Destination address

    207.209.68.1

  • Protocols and security

    The Route IP packets on this interface check box is selected.

  • Static Routes for Remote Networks

    To make all locations on the corporate intranet reachable, the following static route is configured:

    • Interface: CorpHQ

    • Destination: 172.16.0.0

    • Network mask: 255.240.0.0

    • Metric: 1

    To make all locations on Electronic, Inc. branch offices reachable, the following static route is configured:

    • Interface: CorpHQ

    • Destination: 192.168.0.0

    • Network mask: 255.255.0.0

    • Metric: 1

  • Dial-out credentials

    • User name: VPN_Dallas

    • Domain: electronic.microsoft.com

    • Password: nY7W{q8~=z3

    • Confirm password: nY7W{q8~=z3

PPTP packet filters on the demand-dial interface that connects to the ISP

To ensure that only PPTP-based traffic is allowed on the connection to the Internet, PPTP packet filters are configured on the ISP demand-dial interface. For more information, see Add PPTP Filters.

Note

  • The example companies, organizations, products, people and events depicted herein are fictitious. No association with any real company, organization, product, person or event is intended or should be inferred.