VPN Connected Servers and Routing Tables

[Guest]

We have 4 branch offices which are connected with VPN (PPTP due to NAT
support). The demand-dial interfaces has been created such that they create a
routing table entry when connecting, which allows the servers to communicate
with each other. A demand-dial interface has been created for each direction.

Our problem is that sometimes when the demand-dial connection is created,
the connection is marked as connected although the routing table hasn't been
updated.

 

[Bill Grant]

This usually means that the connection has not been made to the
demand-dial interface on the "answering" router.

When you try to connect, the answering router checks the username being
used. If the username matches the name of a dd interface, the connection is
made to that interface. The routing table is then updated with the
appropriate routes (which are stored in the registry).

If the username does not match the name of a dd interface on the
answering router, the connection can still be made, but the routes are not
added. The RRAS server assumes it is a normal client-server type connection,
not a router to router connection.

 

[Guest]

The thing is that on both servers, the connection is marked as connected.
Yet, although the status is Connected, the routing tables aren't always
updated.

 

[Bill Grant]

The other thing to check is that the demand-dial interface is getting a
routable IP address (not an APIPA address). The dd interface must have its
own IP address and it cannot get one from the RRAS address pool. If it can't
get one from DHCP, give it an IP manually.