Friday, November 27, 2015

Configure Internet Access Through the Calling Router

At a branch office, you can configure the calling router to grant users access to the Internet in addition to sending traffic to the main site over the site-to-site connection. Choose one of the following scenarios if you want to configure access to the Internet:
  • Access the Internet through the main office — for greater security.
  • Access the Internet directly — for faster performance.

For Security, Access the Internet Through the Main Office

To access the Internet through the main office, use the following steps to add a default (0.0.0.0/0.0.0.0) route to the demand-dial interface used for the dial-up or VPN connection. The default route ensures that all IP packets that cannot find specific routes on the private branch office network are sent to the Internet-connected interface of the demand-dial router at the main office. You might use this alternative if you use ISA Server at the main office.

To use the calling router to access the Internet through the main office

  1. On the branch office demand-dial router, open the Routing and Remote Access snap-in.
  2. In the console tree, expand the router you want to configure, expand IP Routing, right-click Static Routes, and then select New Static Route.
  3. In the Static Route dialog box, configure the following:

    1. In the Interface box, select the demand-dial interface used for the dial-up or VPN connection to the main office.
    2. In the Destination box, type 0.0.0.0
    3. In the Network Mask box, type 0.0.0.0
    4. In the Metric box, accept the default value (1).
    5. Select Use this route to initiate demand-dial connections.
    6. Click OK.

For Performance, Access the Internet Directly

To access the Internet directly from the branch office, you have two options, depending on how the branch office connects to the local ISP:
  • The branch office uses a dial-up connection to its local ISP.
  • The branch office uses a demand-dial connection to its local ISP.

Option 1: The branch office uses a dial-up connection to its local ISP

This method, which is more common and requires configuring only one static route, assumes that the branch office uses a dial-up connection to the local ISP in conjunction with the demand-dial connection to the main office.

To use the calling router to access the Internet directly if the branch office uses a dial-up connection to its local ISP

  1. On the branch office demand-dial router, open the Routing and Remote Access snap-in.
  2. In the console tree, expand the router you want to configure, expand IP Routing, right-click Static Routes, and then select New Static Route.
  3. In the Static Route dialog box, configure the following:

    1. In the Interface box, select the demand-dial interface used for the dial-up or VPN connection to the main office.
    2. In the Destination box, type the network ID of the main office network.
    3. In the Network Mask box, type the network mask for the main office network ID.
    4. In the Metric box, accept the default value (1).
    5. Select Use this route to initiate demand-dial connections.
    6. Click OK.

Option 2: The branch office uses a demand-dial connection to its local ISP

This method, which is less common and requires configuring two static routes, assumes that the branch office uses a demand-dial connection to the local ISP in conjunction with the demand-dial connection to the main office.

To use the calling router to access the Internet directly if the branch office uses a demand-dial connection to its local ISP

  1. On the branch office demand-dial router, open the Routing and Remote Access snap-in.
  2. In the console tree, expand the router you want to configure, expand IP Routing, right-click Static Routes, and then select New Static Route.
  3. In the Static Route dialog box, configure the following:

    1. In the Interface box, select the demand-dial interface used for connecting the branch office to its ISP.
    2. In the Destination box, type 0.0.0.0.
    3. In the Network Mask box, type 0.0.0.0.
    4. In the Metric box, accept the default value (1).
    5. Select Use this route to initiate demand-dial connections.
    6. Click OK.
  4. In the console tree, right-click Static Routes, and then select New Static Route.
  5. In the Static Route dialog box, configure the following:

    1. In the Interface box, select the demand-dial interface used for the dial-up or VPN connection to the main office.
    2. In the Destination box, type the network ID of the main office network.
    3. In the Network Mask box, type the network mask for the main office network ID.
    4. In the Metric box, accept the default value (1).
    5. Select Use this route to initiate demand-dial connections.
    6. Click OK.

No comments:

Post a Comment