Friday, November 27, 2015

Configure the Demand-Dial Interface for the Remote Site Connection

Interface Name:

                           Type a name for the remote router that matches the user account name that you created earlier for the remote router.

Connection Type:

                             Choose one of the following alternative options:
Connect using a modem, ISDN adapter, or other physical device. Select this option to establish a device-to-device dial-up connection.
  • On the Select a device screen, select the modem or adapter this interface will use from the prepopulated list.
  • On the Phone Number screen, if this is a calling router, type the phone number of the router this interface will call. (If this is an answering router that is not also a calling router, you can leave this blank.)
-or-
Connect using virtual private networking (VPN). Select this option to establish a VPN connection over the Internet.
  • On the VPN Type screen, select one of the following:

    • Automatic (accepts either PPTP or L2TP connections)
    • Point to Point Tunneling Protocol (PPTP)
    • Layer Two Tunneling Protocol (L2TP)
  • On the Destination Address screen, if this is a calling router, type the IP address of the remote router this interface will connect to. (If this is an answering router, you can leave this field blank.)
Do not select the third option, Connect using PPP over Ethernet (PPPoE), because PPPoE is used to link to the local ISP, not to create a device-to-device dial-up link or a VPN tunnel.

Protocols and Security:

                                        
  • Select Route IP packets on this interface (the default).
  • If this is an answering router that is not joined to an Active Directory domain, add a local account by selecting Add a user account so a remote router can dial in. This creates a local user account on the demand-dial router. (Do not select this option if you earlier created an Active Directory user account for the answering router to use to authenticate the calling router.)
Static Routes for Remote Networks:

                                   To add one or more static routes to define the permanent route between this network and the remote network, click Add, and then, in the Static Routedialog box, do the following:
  • Destination — Type the network ID of the remote site.
  • Network Mask — Type the subnet mask for the network ID of the remote site.
  • Metric — Select an appropriate number for the metric.
Dial In Credentials (for an answering router):

Type and confirm a password for the local user account. Note. This page appears only if this is an answering router and if you chose Add a user account so a remote router can dial in on the Protocols and Security page earlier in the wizard (to use a local account rather than an Active Directory account for router authentication). Notice that the prepopulated User name provided is the same name as that used for the demand-dial interface.

Dial Out Credentials (for a calling router):

Specify the dial-out credentials that this interface will use to connect to the remote router:
  • User name — Type the name of the user account for the calling router that matches the name of the corresponding demand-dial interface on the answering router.
  • Domain — Type the domain name; typically, both sites belong to the same domain.
  • Password and Confirm Password — Type the password.
Note. If this is an answering router that is not also a calling router, you do not need to provide this information; however, the wizard requires that you fill in this page, so type any name, domain, and password.

If the Routing and Remote Access Wizard (which ran before the Demand-Dial Interface Wizard) was unable to add the computer to the list of valid remote access servers in Active Directory, you saw the error message "Windows was unable to add this computer to the list of valid remote access servers in the Active Directory. Before you can use this computer as a remote access server, the domain administrator must complete this task." To enable the computer to function as a remote access server, add the computer account for the router to the RAS and IAS Servers security group. For information about how to add a computer account to a group, see Add a computer account to a group in Help and Support Center for Windows Server 2003. If you did not see the error message indicating that the computer had not been added to the valid remote access servers in Active Directory, you do not need to perform this step.
After at least one demand-dial interface exists, you can run the Demand-Dial Interface Wizard at any time to add additional demand-dial interfaces by right-clicking Network Interfaces in console tree, and then clicking New Demand-dial Interface. You run the wizard again for the following reasons:
  • To add other branch office sites, repeat the steps in this procedure for each additional demand-dial interface you want to create.
  • To establish a temporary link to the local ISP at the branch office in order to create a demand-dial interface for that link, perform the steps as described in the next section.


No comments:

Post a Comment