Re: 2nd route to LAN added when client connects

---

• From: "Robert L [MVP - Networking]" <noreply@xxxxxxxxxxx>
• Date: Fri, 6 Oct 2006 12:21:02 -0500

---

RRAS may modify the routing table but should not create another default gateway. Posting the routing table and ipconfig /all here may help.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"John Philips" <JohnPhilips@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:8CDFD49B-D1E7-4431-BBBC-9EA2C7838E40@xxxxxxxxxxxxxxxx
I have a SBS 2003 with dual NICs, but I am running the machine in a single
NIC configuration. I have set-up RRAS for remote access, which I have done
many times before on other machines. For this particular machine, when a RAS
clent connection, the RRAS on the server adds a 2nd route for the local LAN
to the routing stack. With the same destination, but with the vpn client's
assigned IP address as the gateway.

To illustrate:

Before the VPN client connects, the routing table contains 10.0.0.0/24 with
a gateway of 10.0.0.1 (Server Local Area Connection address). This entry has
a metric of 10.

After the VPN client connects, the routing table contains a 2nd entry of
10.0.0.0/24 with a gateway of 10.0.0.118 (the address assigned to the RAS
client). This entry has a metric of 1. Since this route has a lower metric
it becomes the preferred route for the LAN and not of the PCs on the LAN can
communicate with the server.

When the RAS client disconnects the route is removed, and the PC on the LAN
can reach the server again.

I have dug through the RRAS configs many times and can't explain this. Does
anyone know what could be causing this? Or, can you provide some pointers on
how you control the routes that get added to the server when a RAS client
connects?

Thanks,
John

---

• Follow-Ups:
  • Re: 2nd route to LAN added when client connects
    • From: John Philips

• Prev by Date: Re: can't connect to vpn if a service listens on port 1723
• Next by Date: Re: can't connect to vpn if a service listens on port 1723
• Previous by thread: Re: RRAS client can not connect to or ping other hosts on network
• Next by thread: Re: 2nd route to LAN added when client connects
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: How to remove the Routing functionality of Windows 2003 ... "hacking" in and turning the routing on. ... the same way and use RRAS the same way. ... The second NIC is connected to a "private" network inside a central complex ... If it has two NICs and RRAS and you can also choose to not route. ... (microsoft.public.windows.server.networking) Re: Server 2003 RRAS Routing ... You simply enable IP routing in RRAS. ... That just enables the router. ... how do I enable Internet routing through RRAS? ... However, when any user attempts to connect to the VPN, they only get routes for the subnet local to the RRAS server. ... (microsoft.public.windows.server.networking) Re: vpn connection ok but cant find terminal server ? ... "Can't ping TS by IP that is the problem. ... Have you enable IP routing on the RRAS? ... User then launches remote desktop over 3389 to connect to terminal server ... (microsoft.public.windows.server.networking) Windows Server RRAS ... If your client is a Windows shop, note that Windows Server includes "Routing ... In fact, RRAS is automatically installed ... (comp.dcom.telecom.tech) Re: Can only see VPN server ... You can get a printout of the routing table on the VPN server the same ... table shows, its default route now points to the VPN link, ... All traffic coming in from the VPN client will be using its "VPN" address ... (microsoft.public.win2000.ras_routing)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)