The username must match the name of the demand-dial interface on the
answering router.
A RRAS router can handle multiple VPN connections. Every site to site
connection must have the correct subnet route linked to it. You achieve this
by linking the static route for the subnet to the demand-dial interface. The
mechanism which links this together relies on the username supplied.
When the router receives an incoming call, it checks to see whether the
username matches one of its demand-dial interfaces. If it does, the
connection is made to that interface and the associated subnet route is
added to the routing table. If it does not, the caller is connected as a
normal "dialup" client, not a router. In that case, only a host route is set
up for the caller. Routing between subnets fails.
"George" <(E-Mail Removed)> wrote in message
news:53CA42D6-4F33-4E91-A1C4-(E-Mail Removed)...
>I have found the problem. When creating the demand dial connection, I did
>not
> use the "add a user account so a remote router can dial in" option. I just
> use an administrator account and configure it in DSA to allow dial in.
> Does
> any one have any ideas on this?
>
>
>
> "Dragos CAMARA" wrote:
>
>> hi,
>> check this :
>> http://www.microsoft.com/technet/pro...p/vpnconn.mspx
>> --
>> Dragos CAMARA
>> MCSA Windows 2003 server
>>
>>
>> "George" wrote:
>>
>> > I created demand-dial interface in RRAS to create the VPN connection to
>> > the
>> > remote site. Can I create a ste to site VPN connetion in RRAS? It seems
>> > I
>> > cannot do that. If I create a VPN connection in nertwork connections in
>> > Windows, I am not sure if it is able to route the IP packet. Any ideas?
>> >
>> > "Bill Grant" wrote:
>> >
>> > > To get routing between the two sites, you need to set up a site to
>> > > site
>> > > VPN (also known a LAN to LAN or router to router). This requires a
>> > > different
>> > > setup, with demand-dial interfaces and static routes configured on
>> > > the
>> > > routers at both sites.
>> > >
>> > > Dial on demand was designed to give you access to the Internet,
>> > > not to a
>> > > remote site. You can enable dial on demand for a site to site VPN,
>> > > but it is
>> > > not essential.
>> > >
>> > > "George" <(E-Mail Removed)> wrote in message
>> > > news:3BCF9ED8-3EC3-46AF-BE0C-(E-Mail Removed)...
>> > > >I have created two internal networks 192.168.1.0/24 and
>> > > >192.168.2.0/24.
>> > > > 192.168.1.1 and 192.168.2.1 are two Windows Server 2003 computers
>> > > > which
>> > > > also
>> > > > have Internet IP addresses. I created demard dial VPN connection in
>> > > > RRAS
>> > > > on
>> > > > both servers so that a VPN connection will be created when the
>> > > > computer in
>> > > > the local network trying to connect to a computer in the remote
>> > > > network.
>> > > > After these two demand dial VPN connections are created, the local
>> > > > server
>> > > > computer can access all the computers in the remote network.
>> > > > However, the
>> > > > client computers in the local network cannot access any computers
>> > > > in the
>> > > > remote network. Is there any configuration I missed?
>> > > >
>> > > >
>> > > >
>> > >
>> > >
>> > >
Similar Threads
Linear Mode
