Networking

How do I... Configure a network to use demand dial routing?

Using a dial-up connection is rarely desirable. In the event of a connectivity outage, though, having a slow dial-up connection is much better than having no connection at all. In this article, Brien Posey explains how you can create a demand dial interface that will establish a temporary dial-up connection in times of service interruption.

This article is also available as a TechRepublic download.
This article was originally published on August 17, 2006.

In this day and age of low cost, high speed Internet access, it's easy to take bandwidth for granted. Even so, there are still situations in which high speed connectivity between remote routers is simply not an option. For example, high speed connectivity may not exist within the router's geographic proximity. Likewise, a high speed connection between routers might be cost prohibitive, especially if an organization does not anticipate much traffic flowing between those routers.

In situations like these, demand dial routing is sometimes a viable option. The demand dial route is similar to dial up networking, but with a couple of important differences. For starters, a demand dial route exists between routers, not between a PC and an ISP or between a PC and a server. Another major difference is the demand dial routes are event driven.

Imagine how expensive the long distance charges would become if a dial up route were in use 24 hours a day, every day. Demand dial routing does not actually establish a dial up route until there is a need for it. If a network host attempts to send packets to the remote network separated by a demand dial route, then the demand dial router will sense that packets need to flow to the remote location and establish a demand dial route. The connection is terminated once it has been determined that no more traffic needs to flow across the route.

Although demand dial routing is primarily used in situations in which high speed, dedicated connectivity is either impossible or cost prohibitive, these are not the only uses for demand our routing. Demand dial routing can also be used as a backup route. For example, if the company has a dedicated, high speed connection to a remote router, they can also configure a demand dial route to the remote location. That way, if the primary connection were to fail, the demand dial route could automatically be established between the two routers until the primary connection is restored. Granted, a dial-up connection is going to be painfully slow when compared with a high speed connection. However, and a situation in which the primary connection has failed is usually better to have a slow connection than to have no connectivity at all.

Configuring Demand Dial Routing

Now that I've talked about what demand dial routing is typically used for, I want to walk you through the configuration process. Some hardware routers have demand dial capabilities built in. For the purposes of this article though, I will be discussing how to configure Windows Server 2003 to act as a demand dial router.

Demand dial routing is one of the features built in to the Routing And Remote Access Service (RRAS). Normally, when you're going to be installing and configuring a new Windows component, you would use the Add/Remove Programs option found in the Control Panel. RRAS is kind of the exception to the rule though. RRAS is installed by default, but is not configured and is not active.

To configure RRAS, enter the MMC command at the Run prompt. When you do, Windows will open an empty Microsoft Management Console. Choose the Add/Remove Snap in command from the console's file menu. When you do you will see the Add/Remove Snap in properties sheet. Click the Add button found on the Standalone tab to reveal a list of available snap-ins. Choose the Routing And Remote Access option from the list of snap-ins and click the Add button, followed by the Close and OK buttons.

Once you have added the snap-in to the console, you will see that the snap-in is basically empty. If you were to expand the Routing And Remote Access container, you would see that the only thing under it is an empty Server Status container.

The first step in populating the console is to add a server. To do so, simply right-click on the Routing And Remote Access container and select the Add Server command from the resulting shortcut menu. When the Add Server dialog box appears, choose the This Computer option, and click OK. You will now see a listing for the server appear in the console just under the Server Status container.

The Routing And Remote Access snap-in is now aware of the server, but it still needs to be configured to act as a demand dial router. To configure the server, right-click on the server name and select the Configure And Enable Routing And Remote Access command from the resulting shortcut menu. Doing so will cause Windows to launch the Routing And Remote Access Server Setup Wizard.

Click Next to bypass the wizard's welcome screen. You will now see a screen asking what type of service you want for RRAS to perform. Since there is no option for demand dial routing, choose the Custom Configuration option, and click Next.

You will now see a screen asking you which services you want to enable on the server. There are about half a dozen different services listed. Select the Demand Dial Connection check box and click Next, followed by Finish. You should now see a message indicating that the Routing And Remote Access Service has been installed. Windows will then ask you if you would like to start the service. Click Yes, the service will start, and you will be returned to the Routing And Remote Access console.

The Remote Access Router

So far you have installed the Routing And Remote Access Service and all of the components required for demand dial routing. Although all of the necessary demand dial components are installed, they won't work by themselves. The demand dial router has to have something to dial into. That being the case, I want to show you how to install and configure the router on the receiving end before I show you how to configure the demand dial router.

Just as we used a server running Windows Server 2003 for the demand dial router, you also use a Windows 2003 Server for the receiving router. There really isn't anything too fancy about the receiving router. This really nothing more than a server that has the Routing And Remote Access services configured to act as a remote access server.

The initial steps in the configuration process are identical to the steps that you performed on the demand dial router.

To configure RRAS, enter the MMC command at the Run prompt. When you do, Windows will open an empty Microsoft Management Console. Choose the Add/Remove Snap in command from the console's file menu. When you do you will see the Add/Remove Snap in properties sheet. Click the Add button found on the Standalone tab to reveal a list of available snap-ins. Choose the Routing And Remote Access option from the list of snap-ins and click the Add button, followed by the Close and OK buttons.

Now, right-click on the Routing And Remote Access container and select the Add Server command from the resulting shortcut menu. When the Add Server dialog box appears, choose the This Computer option, and click OK. You will now see a listing for the server appear in the console just under the Server Status container.

To configure the server, right-click on the server name and select the Configure and Enable Routing And Remote Access command from the resulting shortcut menu. Doing so will cause Windows to launch the Routing And Remote Access Server Setup Wizard.

Click Next to bypass the wizard's welcome screen. You will now see a screen asking what type of service you want for RRAS to perform. Choose the Remote Access (dial-up or VPN) option from the list and click Next. You will now see a screen asking if you want to configure the server to act as a dial-up server, a VPN server, or both. Select the Dial-up check box and click Next.

At this point, you'll see a list of all of the network interfaces on the server. When a remote user, or in this case the demand dial router, connects to the server the server is acting as a router that allows the remote user or remote router to access one of the network segments connected to the server. You must therefore select which network segment you want the remote connections to bind to. Make your selection and click Next.

At this point, you must decide how you one IP addresses to be assigned to remote clients. You have two different options. One option is to assign IP addresses automatically. In doing so a DHCP server on the selected network segment will provide IP addresses to remote clients. If there is in a DHCP server available, then the remote access server will act as a DHCP server to remote connections.

The other option, is to assign IP addresses from a specified range of addresses. If you choose this option, the remote access server will basically act as a DHCP server remote connections. The differences that using this option gives you the ability to specify which ever scopes you want to use for remote connections.

The next screen that you will see asks you whether or not you want to use any RADIUS server to authenticate remote connections. Connection requests can be authenticated locally, or they can be forwarded to a RADIUS server for authentication.

The choice that is appropriate for you really just depends on how your network is configured and whether or not the remote access server will be used to service connections to anything other than the demand dial router. As I mentioned earlier, the Routing And Remote Access services are perfectly capable of authenticating connection requests on their own. Typically, it for remote access server is going to be used to service remote access connections for more than a couple of users, then it is considered to be a best practice to use a RADIUS server for authentication. On the other hand, if the remote access server is only going to be used to facilitate demand dial routing, then setting up a RADIUS server might be overkill. If you already have a RADIUS server on the same network as the remote access server though, then I would advise you to go ahead and use it even if the remote access server is only going to be used to facilitate demand dial routing.

Once you have made your selection regarding whether or not you want to use RADIUS server for authentication, click the Next button followed by the Finish button to complete the configuration process. Although you have finished working through the wizard, there is still a configuration task that you may or may not want to do. You have the option of configuring a DHCP relay agent so that a DHCP server can assign IP addresses to remote access clients. The demand dial router provides its own IP address, so the DHCP relay agent isn't really necessary. However, if you want to use the RRAS server to service dial up users then you will probably want to enable the DHCP relay agent.

To do so, navigate through the console tree to Routing And Remote Access | your server | IP Routing | General. Now, right-click on the General container and select the New Routing Protocol command from the resulting shortcut menu. Now, just select the DHCP Relay Agent option from the list of available routing protocols. If by chance the DHCP Relay Agent is not listed, then look under the IP Routing container to see if the DHCP Relay Agent is already installed.

Once you have installed the DHCP Relay Agent, you must configure the DHCP Relay Agent with the IP address of your DHCP server. To do so, right-click on the DHCP Relay Agent container (not on the DHCP relay agent's interface) and select the Properties command from the resulting shortcut menu. When the DHCP Relay Agent's properties sheet appears, enter the IP address of your DHCP server into the space provided and click OK.

Finishing the Demand Dial Router Configuration

Now that demand dial routing is installed and you have RRAS set up on the receiving end, it is time to complete the process by configuring the demand dial router. The first thing that you have to do is to create a demand dial interface. To do so, navigate through the console tree to Routing And Remote Access | your server | Network Interfaces. Next, right-click on the Network Interfaces container and select the Properties command from the New Demand Dial Interface command from the resulting shortcut menu. When you do, Windows will launch the Demand Dial Interface Wizard.

Click Next to bypass the wizard's Welcome screen. At this point, Windows will prompt you to enter a friendly name for the demand dial interface that you are creating. I recommend using a name that describes what the interface will connect to. Click Next and you will be prompted to choose the type of interface that you want to create. You can connect using a modem, a VPN connection, or a PPPoE connection. Select the modem option and click Next.

The next screen that you see allows you to select the modem that you want to use. You must also enter the phone number that you need for your demand dial router to dial in order to connect to the remote access server that you set up earlier.

Click Next and you will be taken to the Protocols and Security portion of the wizard. This screen contains a series of four check boxes that you can use to configure the demand dial interface. At a minimum, you will need to select the Route IP Packets on this Interface, and the Add a User Account so a Remote Router can Dial in check boxes. You also have the options of transmitting passwords in plain text and of using scripting to complete the connection. However, you usually will not have to use these check boxes.

The remainder of the wizard will vary depending upon the options that you've selected on the previous screen. For the purposes of this article, I am assuming that you have selected the options to route IP packets and to add a user account. That being the case, the next screen that you'll see will ask you to enter a static route to the remote network.

The idea behind this portion of the wizard is that the demand dial interface is acting as a router. Like any router, the demand dial interface needs to have a routing table that it can use to route traffic to the remote network. What this means is that you will have to assign the demand dial router a static IP address that is valid for the remote network.

Once you have assigned the demand dial interface an IP address that it can use when connecting to the remote network, click Next. You will now be prompted to enter a set of credentials to use when logging on to the remote network. As you may recall, the demand dial router is simply dialing into a remote access server. The remote access server is going to ask for a set of user credentials before granting access to resources on the remote network. After entering a set of user credentials, click Next, followed by Finish. The demand dial router is now ready to use.

Editor's Picks

Free Newsletters, In your Inbox