2nd route to LAN added when client connects

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have a SBS 2003 with dual NICs, but I am running the machine in a single
NIC configuration. I have set-up RRAS for remote access, which I have done
many times before on other machines. For this particular machine, when a RAS
clent connection, the RRAS on the server adds a 2nd route for the local LAN
to the routing stack. With the same destination, but with the vpn client's
assigned IP address as the gateway.

To illustrate:

Before the VPN client connects, the routing table contains 10.0.0.0/24 with
a gateway of 10.0.0.1 (Server Local Area Connection address). This entry has
a metric of 10.

After the VPN client connects, the routing table contains a 2nd entry of
10.0.0.0/24 with a gateway of 10.0.0.118 (the address assigned to the RAS
client). This entry has a metric of 1. Since this route has a lower metric
it becomes the preferred route for the LAN and not of the PCs on the LAN can
communicate with the server.

When the RAS client disconnects the route is removed, and the PC on the LAN
can reach the server again.

I have dug through the RRAS configs many times and can't explain this. Does
anyone know what could be causing this? Or, can you provide some pointers on
how you control the routes that get added to the server when a RAS client
connects?

Thanks,
John
 
RRAS may modify the routing table but should not create another default gateway. Posting the routing table and ipconfig /all here may help.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
I have a SBS 2003 with dual NICs, but I am running the machine in a single
NIC configuration. I have set-up RRAS for remote access, which I have done
many times before on other machines. For this particular machine, when a RAS
clent connection, the RRAS on the server adds a 2nd route for the local LAN
to the routing stack. With the same destination, but with the vpn client's
assigned IP address as the gateway.

To illustrate:

Before the VPN client connects, the routing table contains 10.0.0.0/24 with
a gateway of 10.0.0.1 (Server Local Area Connection address). This entry has
a metric of 10.

After the VPN client connects, the routing table contains a 2nd entry of
10.0.0.0/24 with a gateway of 10.0.0.118 (the address assigned to the RAS
client). This entry has a metric of 1. Since this route has a lower metric
it becomes the preferred route for the LAN and not of the PCs on the LAN can
communicate with the server.

When the RAS client disconnects the route is removed, and the PC on the LAN
can reach the server again.

I have dug through the RRAS configs many times and can't explain this. Does
anyone know what could be causing this? Or, can you provide some pointers on
how you control the routes that get added to the server when a RAS client
connects?

Thanks,
John
 
Robert,

I can't access the machine at the moment as it is at another location and
with the VPN not functioning then I can get in to pull the commands you
requested.

However, let me clarify what's happening with hopes you have seen this before:

The server has a LAN address of 10.0.0.1 and is on a network 10.0.0.0/24.
The route I am speaking of is the route to local LAN that is put in the
routing table when you configure the NIC. In my case this route looks like
this:

Network Dest Netmask Gateway Interface Metric
10.0.0.0 255.255.255.0 10.0.0.1 10.0.0.1 20

10.0.0.1 is the LAN address.

After the RAS client connects there is another route added so the two
entries of interest look like this:

Network Dest Netmask Gateway Interface Metric
10.0.0.0 255.255.255.0 10.0.0.1 10.0.0.1 20
10.0.0.0 255.255.255.0 10.0.0.118 10.0.0.121 1 <-this
route added when client connects (in addtion to the host route that is also
added like you usually see for each client)

10.0.0.118 is the address assigned to the RAS client (using DHCP).
10.0.0.121 is the Internal Interface on the server used by RAS. As you can
see after this route is added the server is routing to 10.0.0.0 via the RAS
tunnel vs. the LAN Interface so the PCs on the 10.0.0.0/24 local subnet are
"disconnected" from the server. The only thing I could think of what that
this was related to something that is configured automatically since there
are two NICs in the server, but I ran the the Internet Connection wizard and
set-up up the server to use one NIC for Internet and LAN.

Have you ever heard of this before. What would be making RRAS add this route?

Thanks,
John
 
Sorry for misreading your post. I have a question about the default gateway. Are you should the default gateway and interface are the same?

By the default the routing table should like look this:

Network Dest Netmask Gateway Interface Metric
10.0.0.0 255.255.255.0 10.0.0.x 10.0.0.y 20
10.0.0.0 255.255.255.0 10.0.0.118 10.0.0.121 20

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
Robert,

I can't access the machine at the moment as it is at another location and
with the VPN not functioning then I can get in to pull the commands you
requested.

However, let me clarify what's happening with hopes you have seen this before:

The server has a LAN address of 10.0.0.1 and is on a network 10.0.0.0/24.
The route I am speaking of is the route to local LAN that is put in the
routing table when you configure the NIC. In my case this route looks like
this:

Network Dest Netmask Gateway Interface Metric
10.0.0.0 255.255.255.0 10.0.0.1 10.0.0.1 20

10.0.0.1 is the LAN address.

After the RAS client connects there is another route added so the two
entries of interest look like this:

Network Dest Netmask Gateway Interface Metric
10.0.0.0 255.255.255.0 10.0.0.1 10.0.0.1 20
10.0.0.0 255.255.255.0 10.0.0.118 10.0.0.121 1 <-this
route added when client connects (in addtion to the host route that is also
added like you usually see for each client)

10.0.0.118 is the address assigned to the RAS client (using DHCP).
10.0.0.121 is the Internal Interface on the server used by RAS. As you can
see after this route is added the server is routing to 10.0.0.0 via the RAS
tunnel vs. the LAN Interface so the PCs on the 10.0.0.0/24 local subnet are
"disconnected" from the server. The only thing I could think of what that
this was related to something that is configured automatically since there
are two NICs in the server, but I ran the the Internet Connection wizard and
set-up up the server to use one NIC for Internet and LAN.

Have you ever heard of this before. What would be making RRAS add this route?

Thanks,
John
 
Robert,

Thanks for your attention and help on this issue.

I was able to pull the ipconfig and routing table (without RAS cient
connected) from the server. They are below.

In answer to your question, the route I am speaking of is the route to the
local LAN, not the default route. As you will see by the route table, there
is a route as I described (the metric was actually 10 not 20 as originally
reported). This is in addition to the default route, which I think is the
one you were referring to. I see these two routes on all windows machines
that I looked at, so I believe this to be normal. Here's an except with
annotation plus the entire table is further down below:

Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.254 10.0.0.1 1
<------- Default route
10.0.0.0 255.255.255.0 10.0.0.1 10.0.0.1 10
<----------- Route for interface LAN

After the RAS client connects, I get a 2nd entry for 10.0.0.0/255.255.255.0
but the gateway is the RAS client's assigned address, the Interface is the
RRAS internal interface address, and the metic is 1. This causes the server
to route all traffic destined for the local LAN to be routed over the tunnel
to the remote client. As expected the resulting effect is the server cannot
route packets to any of the machines on the local LAN which is very bad.

This is really driving me nuts, so if you can shed any light on this, it
would be much appreciated.

John

Output of ipconfig /all and route print (without RAS client connected).

Windows IP Configuration

Host Name . . . . . . . . . . . . : SERVER1
Primary Dns Suffix . . . . . . . : kuzma.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : kuzma.local

PPP adapter RAS Server (Dial In) Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.121
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Server Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-13-72-F7-3C-AB
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.254
DNS Servers . . . . . . . . . . . : 10.0.0.1


C:\Documents and Settings\Administrator>route print

IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10002 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
0x10003 ...00 13 72 f7 3c ab ...... Intel(R) PRO/1000 MT Network Connection
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.254 10.0.0.1 1
10.0.0.0 255.255.255.0 10.0.0.1 10.0.0.1 10
10.0.0.1 255.255.255.255 127.0.0.1 127.0.0.1 10
10.0.0.121 255.255.255.255 127.0.0.1 127.0.0.1 50
10.255.255.255 255.255.255.255 10.0.0.1 10.0.0.1 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 10.0.0.1 10.0.0.1 10
255.255.255.255 255.255.255.255 10.0.0.1 10.0.0.1 1
Default Gateway: 10.0.0.254
===========================================================================
Persistent Routes:
None

C:\Documents and Settings\Administrator>
 
I found a fix for my problem. Turns out that if i renumbered my LAN so that
it was not 10.0.0.0/24 (I used 10.1.20.0/24), then while the 10.0.0.0/24
route was still added it no longer interfered with my LAN network route
(since it is now 10.1.20.0/24).

I am still perplexed on where this 10.0.0.0/24 network route is coming from.
After checking some other servers that have VPN connecting correctly, I find
that the extra route that is added is a host route to the public IP of the
RAS client. I now suspect that the 10.0.0.0 route may be resulting from the
way my Dlink router is doing NAT. I can't be sure about this, but otherwise
I can't explain why see host routes to the RAS client public IP on other
machines and an I see a network route on this machine which sites behind the
D-link. My other machines that have a host route added are behind Cisco PIXs
which are doing the NAT.

So the lesson is avoid using 10.0.0.0 network number on you LAN if you plan
on using RRAS.

John
 
Thank you for the feedback.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
I found a fix for my problem. Turns out that if i renumbered my LAN so that
it was not 10.0.0.0/24 (I used 10.1.20.0/24), then while the 10.0.0.0/24
route was still added it no longer interfered with my LAN network route
(since it is now 10.1.20.0/24).

I am still perplexed on where this 10.0.0.0/24 network route is coming from.
After checking some other servers that have VPN connecting correctly, I find
that the extra route that is added is a host route to the public IP of the
RAS client. I now suspect that the 10.0.0.0 route may be resulting from the
way my Dlink router is doing NAT. I can't be sure about this, but otherwise
I can't explain why see host routes to the RAS client public IP on other
machines and an I see a network route on this machine which sites behind the
D-link. My other machines that have a host route added are behind Cisco PIXs
which are doing the NAT.

So the lesson is avoid using 10.0.0.0 network number on you LAN if you plan
on using RRAS.

John
 
Back
Top