Logo
programming4us
programming4us
programming4us
programming4us
Home
programming4us
XP
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server
programming4us
Windows Phone
 
Windows Server

Routing with Windows Server 2003 : Configuring Demand-Dial Routing (part 2) - Deploying a Demand-Dial Router-to-Router Configuration & Troubleshooting Demand-Dial Routing

3/20/2011 11:22:26 AM

Deploying a Demand-Dial Router-to-Router Configuration

Although the concept of demand-dial routing is simple, implementing demand-dial routing is relatively complex because of the number of features requiring configuration. The following sections describe these features.

Connection Endpoint Addressing

The connection must be made over public data networks, such as the public switched telephone network (PSTN). The endpoint of the connection must be identified by a phone number or other endpoint identifier.

Authenticating and Authorizing the Calling Router

Demand-dial routing in Windows Server 2003 networks requires a calling router and a called router, each running Routing And Remote Access. Each router can be configured to act as both a calling and called router, but during every connection attempt, the router acting as the calling router must be authenticated and authorized.

Authentication is based on the calling router’s set of credentials that are passed during the connection establishment process. The credentials that are passed must correspond to a user account. Authorization is granted based on the dial-in permission of the user account and remote access policies. You can configure authentication and authorization by using the Routing And Remote Access Wizard.

Differentiating Between Remote Access Clients and Routers

Both routing and remote access services coexist on the same server running Routing And Remote Access. Both remote access clients and routers can call the same phone number. The server running Routing And Remote Access that answers the call must be able to distinguish a remote access client from a router that is calling to create a demand-dial connection.

To differentiate a remote access client from a demand-dial router, the user name in the authentication credentials sent by the calling router must exactly match the name of a demand-dial interface on the answering router. Otherwise, the incoming connection is assumed to be a remote access connection.

Configuring Both Ends of the Connection

You must configure both ends of the connection even if only one end of the connection is initiating a demand-dial connection. Configuring only one side of the connection allows packets to be routed in only one direction; normal communication, however, requires that information travel in both directions.

Configuring Static Routes

Although you can use dynamic routing protocols with persistent dial-up connections, you cannot use them effectively over temporary dial-on-demand connections. For these connections, routes to network IDs that require the use of the demand-dial interface must be added to the routing table as static routes.

Also note that you must choose one static route to initiate the dial-on-demand connection. To achieve this task, verify that the Use This Route To Initiate Demand-Dial Connections check box is selected in the properties of the appropriate static route, as shown in Figure 8.

Figure 8. Linking a static route to a dial-on-demand connection


Troubleshooting Demand-Dial Routing

The following list provides a conceptual summary of the configuration requirements for a demand-dial routing deployment and of the associated potential points of failure. Review this summary and refer back to it as needed to help you troubleshoot routing through demand-dial interfaces.

  1. A number of basic features must be enabled on both ends of the connection for demand-dial routing to function. First, verify that Routing And Remote Access is configured and enabled on both servers. Second, make sure both servers have been enabled for LAN and demand-dial routing in the Routing And Remote Access console. Next, make sure IP routing is enabled. Finally, verify that the necessary demand-dial interfaces are not in a disabled state.

  2. Demand-dial routing requires that static routes be configured for both ends of the demand-dial connection. Verify that these routes are correctly configured. For dial-on-demand routing, verify that the Use This Route To Initiate Demand-Dial Connections check box is selected.

  3. For the connection to function as a link in a routed network, the demand-dial connection must not be interpreted as a remote access connection. To ensure that the connection is interpreted correctly, verify that the user name of the calling router’s credentials match the name of a demand-dial interface configured on the answering router. Verify that the calling router’s credentials consisting of user name, password, and domain name are correct and can be validated by the answering router.

  4. Answering routers must be authorized to function in Active Directory domains. For an answering router that is a member of an Active Directory domain, verify that the computer account of the answering router computer is a member of the RAS And IAS Servers security group.

  5. Routed connections are both authenticated and encrypted. To ensure that a demand-dial routed connection can be established, verify that in conjunction with a remote access policy, the calling router and the answering router are enabled to use at least one common authentication method and one common encryption method.

  6. Restrictions can be configured for each demand-dial interface in the form of dial-out hours and demand-dial filters. For each interface, verify that the dial-out hours or demand-dial filters for the demand-dial interface on the calling router are not preventing the connection attempt.

  7. Demand-dial interfaces communicate through ports, which can be disabled in the Routing And Remote Access console for inbound or outbound traffic. If a connection fails to be established at either end of a demand-dial routing connection, verify that the dial-up ports being used are configured to allow demand-dial routing (inbound and outbound).

  8. Packet filters can block access beyond a connection endpoint. If you cannot connect to resources beyond the answering router, verify that no packet filters on either demand-dial interface are preventing the flow of wanted traffic. Each demand-dial interface can be configured with IP input and output filters that allow you to control the exact nature of TCP/IP traffic allowed into and out of the demand-dial interface.

Other -----------------
- Exchange Server 2010 : Troubleshooting DNS Problems
- Understanding DNS Requirements for Exchange Server 2010
- Exchange Server 2010 : Examining DNS Components (part 2) - DNS Replication or Zone Transfer & DNS Resource Records
- Exchange Server 2010 : Examining DNS Components (part 1) - DNS Zones & DNS Queries
- Domain Name System and Its Role in Exchange Server 2010
- Configuring Windows Server 2003 for LAN Routing (part 4) - Exploring LAN Routing Scenarios
- Configuring Windows Server 2003 for LAN Routing (part 3) - Managing General IP Routing Properties & Working with Routing Tables
- Configuring Windows Server 2003 for LAN Routing (part 2) - Configuring Routing And Remote Access Service Properties
- Configuring Windows Server 2003 for LAN Routing (part 1) - Using the Routing And Remote Access Console
- Microsoft Content Management Server : Managing Template Galleries and Templates (part 4) - Moving Template Galleries and Templates
 
 
Top 10 video Game
-   Uncharted 4: A Thief's End | E3 2015 Extended Gameplay Trailer
-   V.Next [PC] Kickstarter Trailer
-   Renowned Explorers [PC] Launch Date Trailer
-   The Void (Game Trailer)
-   World of Warships [PC] Open Beta Trailer
-   F1 2015 | Features Trailer
-   Battle Fantasia Revised Edition | Debut Trailer for Steam
-   Victor Vran [PC] Story Trailer
-   Star Wars Battlefront PC Alpha footage
-   Skyforge [PC] Open Beta Gameplay Trailer
-   Armored Warfare [PC] PvE Trailer
-   F1 2015 [PS4/XOne/PC] Features Trailer
-   Act of Aggression [PC] Pre-Order Trailer
-   Sword Coast Legends [PC] Campaign Creation E3 2015 Trailer
-   Sword Coast Legends [PC] Campaign Creation E3 2015 Dungeon Run Trailer
Popular tags
Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 windows Phone 7 windows Phone 8
programming4us programming4us
 
Popular keywords
HOW TO Swimlane in Visio Visio sort key Pen and Touch Creating groups in Windows Server Raid in Windows Server Exchange 2010 maintenance Exchange server mail enabled groups Debugging Tools Collaborating
programming4us programming4us
PS4 game trailer XBox One game trailer
WiiU game trailer 3ds game trailer
Trailer game
 
programming4us
Natural Miscarriage
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server
programming4us
Game Trailer