One-way initiated demand-dial connections
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
One-way initiated demand-dial connections
If a demand-dial connection is always initiated by one router, a one-way initiated demand-dial connection, then you can simplify the configuration of the answering router by configuring static routes on the user account of the calling router.
Using the example scenario described in Demand-dial routing example, the Seattle router (Router 1) always calls the New York router (Router 2).
Configuring Router 1
The configuration of Router 1 is the same as described in Demand-dial routing example.
Configuring Router 2
The configuration for demand-dial routing on Router 2 consists of just two steps:
Create a user account that Router 1 uses when calling Router 2.
Configure static routes on the user account used by Router 1 for the network IDs of the Seattle office.
Creating a user account with dial-in permissions
By using Active Directory Users and Computers or Local Users and Groups, the administrator at Router 2 creates a user account with the following settings:
Account name: DD_Seattle with a password.
Account settings: Clear the User must change password at next logon check box and select the Password never expires check box.
The DD_Seattle account is granted dial-in permissions either through the dial-in properties of the user account or through remote access policies. For more information, see Introduction to remote access policies.
Configuring the user account with static routes
By using Active Directory Users and Computers or Local Users and Groups, the administrator at Router 2 obtains dial-in properties on the DD_Seattle user account and then adds the static routes of the Seattle office.
For more information, see Configure static routes for a dial-in user.
For this example, the network administrator adds the following route:
Network mask: 255.255.255.0
- You can only add static routes to the dial-in properties of a user account on a server running Routing and Remote Access acting as stand-alone router (not a member of a domain) or a server running Routing and Remote Access that is a member of a Windows 2000 native or a Windows Server 2003 domain.
Connection process for a one-way initiated demand-dial connection
When the user at 172.16.1.10 tries to connect to a resource at 172.16.2.20, the following events occur:
Packets from 172.16.1.10 destined for 172.16.2.20 are forwarded to Router 1.
Router 1 receives the packet from 172.16.1.10 and checks its routing table. A route to 172.16.2.20 is found by using the DD_NewYork interface.
Router 1 checks the state of the DD_NewYork interface and finds it is in a disconnected state.
Router 1 retrieves the configuration of the DD_NewYork demand-dial interface.
Based on the DD_NewYork configuration, Router 1 uses the modem on COM1 to dial the number 555-0122.
Router 2 answers the incoming call.
Router 2 requests authentication credentials from the incoming caller.
Router 1 sends the user name DD_Seattle with its associated password.
Upon receipt of the authentication credentials, Router 2 checks the user name and password against the security features of the Windows Server 2003 family and verifies that Router 1 has dial-in permission through the dial-in properties of the DD_Seattle user account and the configured remote access policies.
Router 2 retrieves the static route (172.16.1.0 with the subnet mask of 255.255.255.0) that is configured on the DD_Seattle user account and creates a corresponding static route in its routing table. If Router 2 is configured with routing protocols, Router 2 uses routing protocols to communicate with neighboring routers so that the route to the Seattle network is propagated to all of the routers in the New York office.
Router 2 must now determine whether the incoming caller is a dial-up networking client or a router creating a demand-dial connection. Router 2 looks in its list of demand-dial interfaces and does not find one called DD_Seattle. Therefore, Router 2 considers the connection to the Seattle office to be a remote access connection.
Router 1 forwards the packet from the computer at 172.16.1.10 across the demand-dial connection to Router 2.
Router 2 receives the packet and forwards it to the computer at 172.16.2.20.
The response to the connection request by the computer at 172.16.1.10 is forwarded to Router 2 by the computer at 172.16.2.20.
Router 2 receives the packet destined for 172.16.1.10 and checks its routing table. A route to 172.16.1.10 is found by using the connection to Router 1.
Router 2 forwards the packet to Router 1.
Router 1 forwards the packet to the computer at 172.16.1.10.
- When the connection is made, the static routes on the user account of the calling router are added to the routing table of the answering router. If routing protocols are used to propagate the new static route, then there is a delay between the time the connection is made and the time when all of the routers on the intranet of the answering router are aware of the new route. Therefore, hosts on the intranet of the calling router may experience a delay between the time that the connection is made and the time when they begin to receive traffic back from hosts on the intranet of the answering router.