Demand dial filter

[TC]

Hi,

I have setup NAT and configured Demand dial interface to
connect to internet. Everything works fine. The PC behind
the NAT can connect to internet and stuff.

I am Running win2000 server with SP3.

But for some reason the demand dial filters do not work.
for eg: I did the following, I configured a filter

selected - only for following traffic
source- any
destination- any
source port- any
destination port- 21
( I assume when I apply this filter, the demand dial
connection will be brought up only if the demand dial
interface recieves FTP traffic from my the PCs behind the
NAT)
But when I tested this and tried to connect to a website
from a client behind NAT, it connects and the demand dial
connection connects. I am wondering how come the
connection is being brought up for web traffic when i have
specified only FTP traffic in the filter.

may be I am missing something or doing something rong.

thanks

TC

 

[Dusty Harper {MS}]

This is because the filter is applied to the interface only when the
connection is brought up. A demand Dial connection is triggered solely by
interesting traffic traveling to a configured destination ( triggered by
the use of a route ). Once the connection is established, then the filter
is applied.

 

[tc]

I really did not understand the explanation that you have
given.
what I read on microsoft is that the filter is for
initiating the demand dial connection ( to dial ).
from this I conclude that if I configure a filter for
destination port 21, then this connection should come up
only when it recieves packets addressed to port 21.(
Interesting traffic is the traffic addressed to port 21 ).
But my connection comes up even for web traffic.

thanks

TC

 

[Dusty Harper {MS}]

The filter does not get applied until after the interface is brought up.
the interesting traffic is anything destined to the other side ( this
initiates the connection ). The filter just acts as a restriction of what
will then flow over that connection.