RE: Route added by RRAS that overrides local LAN route on NIC
- From: John Philips <JohnPhilips@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 11 Oct 2006 05:29:02 -0700
As I read the article you provided, it appears to address name resolution
when the DNS/WINS returns the PPP adapter address instead of the LAN adapter
address. I have seen this problem before in other cases, but that is not the
problem here. I am debugging with IP addreses alone. I will reiterate, the
issue I am experiencing is clear. When the second route is added by the RRAS
for destination 1.0.0.0/24 using the RAS client address as the gateway with a
higer metric, then all traffic from the server to any address in the range of
10.0.0.0/24 - 10.0.0.255/24 (all devices on the LAN) will be routed through
the tunnel and thus the packets will not get to the PC on the LAN as I
observe.
As I have requested before, do you have access to any information on how
routes are added to the routing table on the server when a RAS client
connects to RRAS? If I could control this, I think I could fix my problem.
Thanks,
John
""Crina Li"" wrote:
Hi John,.
Thanks for your update.
The problem may be caused by the following:
When a remote computer connects to the Routing and Remote Access server by
using a dial-up or a VPN connection, the server creates a Point-to-Point
Protocol (PPP) adapter to communicate with the remote computer. The server
may then register the IP address of this PPP adapter in the DNS or the WINS
database.
When the Routing and Remote Access server registers the IP address of its
PPP adapter in DNS or WINS, you may receive errors on the local computers
when you try to connect to the server. You receive these errors because the
DNS or WINS servers may return the IP address of the PPP adapter to
computers that query DNS or WINS for the server's IP address. The computers
then try to connect to the IP address of the PPP adapter. Because the local
computers cannot reach the PPP adapter, the connections fail.
For more detailed information, please refer to the following KB article:
292822 Name resolution and connectivity issues on a Routing and Remote
Access Server that also runs DNS or WINS
http://support.microsoft.com/default.aspx?scid=kb;EN-US;292822
Thanks for your time and I look forward to hearing from you.
Best regards,
Crina Li (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: Route added by RRAS that overrides local LAN route on NIC
| thread-index: Acbsd5fbSUq6Sh0VSV+m9IxhDrBbbg==
| X-WBNR-Posting-Host: 65.184.34.228
| From: =?Utf-8?B?Sm9obiBQaGlsaXBz?= <JohnPhilips@xxxxxxxxxxxxxxxxxxxxxxxxx>
| References: <850ACC3C-EA74-409F-9BE7-D86A2147AFF0@xxxxxxxxxxxxx>
<wrMbnC36GHA.4348@xxxxxxxxxxxxxxxxxxxxx>
<D350384D-3067-45AC-A911-C90363B45A1E@xxxxxxxxxxxxx>
<hyDIJAE7GHA.3352@xxxxxxxxxxxxxxxxxxxxx>
| Subject: RE: Route added by RRAS that overrides local LAN route on NIC
| Date: Tue, 10 Oct 2006 07:23:01 -0700
| Lines: 317
| Message-ID: <442E0440-D7E1-422B-B70C-8778872F7AEA@xxxxxxxxxxxxx>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
| Newsgroups: microsoft.public.windows.server.sbs
| Path: TK2MSFTNGXA01.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:303946
| NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Yes I have done all of these steps. I have intalled about 10 SBS systems
and
| performed the same set-up on all of them. This one for some reason has
this
| additional route problem. Can you tell me what causes this additional
route
| to be added? Is there a way to control the routes that RRAS adds to the
| server when the client connects? Since it is adding a route to the full
| subnet when the client connects it is behaving to me like a demain dial
| connection that you would set-up between two servers, but I have it
set-up to
| an Access Server.
|
| Any chance it has someting to do with 10.0.0.0/24 addressing on the box?
| the 10.x.x.x private block is a Class A block which I am subnetting to be
a
| Class C. Could this be confusing RRAS?
|
| John
|
| ""Crina Li"" wrote:
|
| > Hi John,
| >
| > Thanks for your update.
| >
| > From current situation, please check if you have configured the network
| > correctly on SBS and client computer:
| >
| > SBS:
| >
| > IP: Fixed IP address
| > Gateway: your Hardware router IP
| > DNS: SBS NIC IP as the only entry
| >
| > In the DNS console (dnsmgmt.msc), right click your ServerName and click
| > properties. In the Forwarders tab, your ISP DNS server IP should be
| > inputted there.
| >
| > On the client workstation, please make sure the configuration:
| >
| > IP: Assigned by DHCP on SBS or your hardware router
| > Gateway: hardware router
| > DNS: SBS INTERNAL NIC IP as the only entry
| >
| > And then recreate VPN to see if it helps. Please make sure you have
| > disabled the second NIC on the SBS.
| >
| > Thanks for your time and I look forward to hearing from you.
| >
| > Best regards,
| >
| > Crina Li (MSFT)
| >
| > Microsoft CSS Online Newsgroup Support
| >
| > Get Secure! - www.microsoft.com/security
| >
| > =====================================================
| > This newsgroup only focuses on SBS technical issues. If you have issues
| > regarding other Microsoft products, you'd better post in the
corresponding
| > newsgroups so that they can be resolved in an efficient and timely
manner.
| > You can locate the newsgroup here:
| > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| >
| > When opening a new thread via the web interface, we recommend you check
the
| > "Notify me of replies" box to receive e-mail notifications when there
are
| > any updates in your thread. When responding to posts via your
newsreader,
| > please "Reply to Group" so that others may learn and benefit from your
| > issue.
| >
| > Microsoft engineers can only focus on one issue per thread. Although we
| > provide other information for your reference, we recommend you post
| > different incidents in different threads to keep the thread clean. In
doing
| > so, it will ensure your issues are resolved in a timely manner.
| >
| > For urgent issues, you may want to contact Microsoft CSS directly.
Please
| > check http://support.microsoft.com for regional support phone numbers.
| >
| > Any input or comments in this thread are highly appreciated.
| >
| > =====================================================
| >
| > This posting is provided "AS IS" with no warranties, and confers no
rights.
| > --------------------
| > | Thread-Topic: Route added by RRAS that overrides local LAN route on
NIC
| > | thread-index: AcbsHRHUAAf6uugcSyW0/DF1OTvIWA==
| > | X-WBNR-Posting-Host: 65.184.34.228
| > | From: =?Utf-8?B?Sm9obiBQaGlsaXBz?=
<JohnPhilips@xxxxxxxxxxxxxxxxxxxxxxxxx>
| > | References: <850ACC3C-EA74-409F-9BE7-D86A2147AFF0@xxxxxxxxxxxxx>
| > <wrMbnC36GHA.4348@xxxxxxxxxxxxxxxxxxxxx>
| > | Subject: RE: Route added by RRAS that overrides local LAN route on NIC
| > | Date: Mon, 9 Oct 2006 20:35:02 -0700
| > | Lines: 312
| > | Message-ID: <D350384D-3067-45AC-A911-C90363B45A1E@xxxxxxxxxxxxx>
| > | MIME-Version: 1.0
| > | Content-Type: text/plain;
| > | charset="Utf-8"
| > | Content-Transfer-Encoding: 7bit
| > | X-Newsreader: Microsoft CDO for Windows 2000
| > | Content-Class: urn:content-classes:message
| > | Importance: normal
| > | Priority: normal
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
| > | Newsgroups: microsoft.public.windows.server.sbs
| > | Path: TK2MSFTNGXA01.phx.gbl
| > | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:303842
| > | NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
| > | X-Tomcat-NG: microsoft.public.windows.server.sbs
| > |
| > | I am using SBS as the VPN server. This is a router between SBS and
the
| > | internet that is peforming NAT. I have the appropriate ports open and
can
| > | successfully connect a WinXP RAS client to the VPN server. The
problem
| > is
| > | with the routes that get created on the RRAS when the client
connects,
| > not
| > | getting a successful connection. When the connection is up I can
| > successful
| > | get to the SBS server across the VPN. My issue is with the disruption
to
| > the
| > | connectivity to the other PCs on the LAN.
| > |
| > | Let me clarify what's happening with hopes you have seen this before:
| > |
| > | The server has a LAN address of 10.0.0.1 and is on a network
10.0.0.0/24.
| > | The route I am speaking of is the route to local LAN that is put in
the
| > | routing table when you configure the NIC. In my case this route looks
| > like
| > | this:
| > |
| > | Network Dest Netmask Gateway Interface Metric
| > | 10.0.0.0 255.255.255.0 10.0.0.1 10.0.0.1 10
| > |
| > | 10.0.0.1 is the LAN address.
| > |
| > | After the RAS client connects there is another route added so the two
| > | entries of interest look like this:
| > |
| > | Network Dest Netmask Gateway Interface Metric
| > | 10.0.0.0 255.255.255.0 10.0.0.1 10.0.0.1 10 <-this route is always
there
| > | (before and after the VPN cient connects)
| > | 10.0.0.0 255.255.255.0 10.0.0.115 10.0.0.121 1 <-this
| > | route added when client connects (in addtion to the host route that
is
| > also
| > | added like you usually see for each client)
| > |
| > | 10.0.0.115 is the address assigned to the RAS client (using DHCP).
| > | 10.0.0.121 is the Internal Interface on the server used by RAS. As
you
| > can
| > | see after this route is added the server is routing to 10.0.0.0 via
the
| > RAS
| > | tunnel vs. the LAN Interface so the PCs on the 10.0.0.0/24 local
subnet
| > are
| > | "disconnected" from the server. The only thing I could think of what
that
| > | this was related to something that is configured automatically since
| > there
| > | are two NICs in the server, but I ran the the Internet Connection
wizard
| > and
| > | set-up up the server to use one NIC for Internet and LAN.
| > |
| > | I was able to pull the ipconfig and routing table (without and with
RAS
| > cient
| > | connected) from the server. They are below.
| > |
| > | As you will see by the route table, there is a route as I described .
| > | Network Destination Netmask Gateway Interface
| > Metric
| > | 0.0.0.0 0.0.0.0 10.0.0.254 10.0.0.1
| > 1
| > | <------- Default route
| > | 10.0.0.0 255.255.255.0 10.0.0.1 10.0.0.1
| > 10
| > | <----------- Route for interface LAN
| > |
| > | After the RAS client connects, I get a 2nd entry for
| > 10.0.0.0/255.255.255.0
| > | but the gateway is the RAS client's assigned address, the Interface
is
| > the
| > | RRAS internal interface address, and the metic is 1. This causes the
| > server
| > | to route all traffic destined for the local LAN to be routed over the
| > tunnel
- Follow-Ups:
- RE: Route added by RRAS that overrides local LAN route on NIC
- From: John Philips
- RE: Route added by RRAS that overrides local LAN route on NIC
- References:
- RE: Route added by RRAS that overrides local LAN route on NIC
- From: "Crina Li"
- RE: Route added by RRAS that overrides local LAN route on NIC
- From: John Philips
- RE: Route added by RRAS that overrides local LAN route on NIC
- From: "Crina Li"
- RE: Route added by RRAS that overrides local LAN route on NIC
- From: John Philips
- RE: Route added by RRAS that overrides local LAN route on NIC
- From: "Crina Li"
- RE: Route added by RRAS that overrides local LAN route on NIC
- Prev by Date: Re: login challenge at company web
- Next by Date: Just added Exchange; Q about initial startup
- Previous by thread: RE: Route added by RRAS that overrides local LAN route on NIC
- Next by thread: RE: Route added by RRAS that overrides local LAN route on NIC
- Index(es):
Relevant Pages
|
