Can not communicate with other hosts on network

  • Thread starter Thread starter Microsoft
  • Start date Start date
M

Microsoft

Good Evening all,

I have ran into a problem that is making me crazy and I am hoping that
someone has seen this before or may have some ideas.

Clients can connect to our RRAS server through both PPTP/L2TP and dial-up
connections and they will be authenticated on the network with no errors.

After connection I can access resources and ping the RRAS server with no
problems, however, I can not connect to or ping any other resource on the
network. There are no errors logged in the event viewer of the client, RRAS
server or DCs on the network. When enabling the tracing for RRAS the only
errors in any logs are in the IPRouterManager.log file. The most recent
connection is shown in the log at the end of this post.

This RRAS server has been functional for the last 2 years and my customer
claims no changes have been made. I have not known this customer to shirk
responsibility for a problem in the past so I tend to believe him.

The following troubleshooting steps have been attempted:

1. Restart server
2. route -f then restart of server
3. Disable RRAS then restart of server
4. Enable and reconfigure RRAS then restart server
5. Network Monitor of Internal NIC and PPP Interface.
A. No packets were being routed between the two interfaces.
6. Change of IP scope for RRAS
7. Connected workstation directly to the NIC on the RRAS server and verified
that the RRAS client could not be reached via pings.
A. This was performed simply to verify that the network configuration
was not conributing to the problem.

Server Configuration

Windows Server 2003 (I know this is a Win2K group but there wasn't a group
for RAS on W2K)
Service Pack 1
Single Network Interface
IP NAT'd through PIX Firewall to externally accessible IP
Hayes Optima 56K Modems for dial-in access
NIC IP: 10.0.1.11
Gateway: 255.255.255.0
RRAS Scope: 192.168.60.2 - 192.168.60.100

Thank you in advance for any assistance.

Jeff Rapp


IPROUTERMANAGER.LOG

[452] 17:24:49: RouterBootComplete: Signalling worker to enable forwarding
[484] 17:24:49: WorkerThread: **--Enabling forwarding--**
[5280] 17:24:49: RestoreStaticRoutes: restoring for
{DDF4C604-4505-4363-821C-A73DB7870441}
[5280] 17:24:49: RestoreStaticRoutes: Successfully set routes for
{DDF4C604-4505-4363-821C-A73DB7870441}
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Route addition failed with 57 for
[5280] 17:24:50: 10.0.1.0/255.255.255.0 Proto: 2 Metric 20
[5280] 17:24:50: Via 10.0.1.11/0x2 Type 3 Context 0x0
[5280] 17:24:50: Route addition failed with 57 for local route
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: ChangeRouteWithForwarder: Deleting all routes to
0.0.0.0/0.0.0.0
[5280] 17:24:50: Route addition succeeded for
[5280] 17:24:50: 0.0.0.0/0.0.0.0 Proto: 3 Metric 20
[5280] 17:24:50: Via 10.0.1.1/0x2 Type 4 Context 0x0
[5280] 17:24:50: Releasing routes to 0/0
[5280] 17:24:50: Releasing route enum for 0/0
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route 10.0.1.0/24
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route 224.0.0.0/4
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route
10.255.255.255/32
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route
255.255.255.255/32
[2224] 17:31:20: AddInterface: Adding administrator
[2224] 17:31:20: ICB number for administrator is 4
[2224] 17:31:20: ENTERED SetMcastLimitInfo for If ffffffff
[2224] 17:31:20: LEFT SetMcastLimitInfo
[2224] 17:31:20: ENTERED SetBoundaryInfo for If ffffffff
[2224] 17:31:20: LEFT SetBoundaryInfo
[1324] 17:31:20: Error adding route, Stack bit == 0
[1324] 17:31:20: ProcessDefaultRouteChanges: Not default route
24.140.102.183/32
[2224] 17:31:20: AddInterface: Added administrator: Type- 0, Index- -1, ICB
0x1b832a0
[484] 17:31:20: HandleMcMiscMessages: Received Address change notification
[484] 17:31:20: UpdateBindingInformation: Address
192.168.60.2/255.255.255.255 new for Internal
[484] 17:31:20: GenericInterfaceComingUp: Internal coming UP
[484] 17:31:20: CreateSockets: Joining ALL_ROUTERS on Internal
[484] 17:31:20: GenericInterfaceComingUp: Error 10049 joining all-routers
group on Internal
[484] 17:31:20: AddressChange: No address change for
{DDF4C604-4505-4363-821C-A73DB7870441}
[4236] 17:31:20: RestoreStaticRoutes: restoring for Internal
[4236] 17:31:20: RestoreStaticRoutes: Successfully set routes for Internal
[2224] 17:31:21: InterfaceConnected: InterfaceConnected called for
administrator. State is 3
[1324] 17:31:21: Error adding route, Stack bit == 0
[1324] 17:31:21: Route addition failed with 57 for
[1324] 17:31:21: 192.168.60.0/255.255.255.240 Proto: 3 Metric 1
[1324] 17:31:21: Via 192.168.60.2/0x10003 Type 3 Context 0x0
[1324] 17:31:21: Route addition failed with 57 for local route
[1324] 17:31:21: Error adding route, Stack bit == 0
[1324] 17:31:21: ProcessDefaultRouteChanges: Not default route
192.168.60.2/32
[1324] 17:31:21: ProcessDefaultRouteChanges: Not default route
192.168.60.0/28
[1408] 17:34:04: ENTERED SetScopeInfo
[1408] 17:34:04: LEFT SetScopeInfo
[2224] 17:34:43: DeleteInterface: Deleting administrator,
[1408] 17:35:22: ENTERED SetScopeInfo
[1408] 17:35:22: LEFT SetScopeInfo
[1408] 17:35:56: AccessIpStats: Signalling worker to enable forwarding
[1408] 17:35:56: AccessIpStats: Signalling worker to enable forwarding
 
Posting the both client and server routing tables may help. Or check these search results.

routing issues on vpn Can ping VPN server only but not other resources Can't access the internal server when remote client establishes VPN Can't access the Internet while using ...
www.chicagotech.net/routingissuesonvpn.htm

Can't ping remote computers VPN client can ping server only The VPN client can ping the VPN server without problem. ... The ipconfig /all display both NICs’ IPs are in the same IP ...
www.chicagotech.net/casestudy/notpingvpn.htm



Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
Good Evening all,

I have ran into a problem that is making me crazy and I am hoping that
someone has seen this before or may have some ideas.

Clients can connect to our RRAS server through both PPTP/L2TP and dial-up
connections and they will be authenticated on the network with no errors.

After connection I can access resources and ping the RRAS server with no
problems, however, I can not connect to or ping any other resource on the
network. There are no errors logged in the event viewer of the client, RRAS
server or DCs on the network. When enabling the tracing for RRAS the only
errors in any logs are in the IPRouterManager.log file. The most recent
connection is shown in the log at the end of this post.

This RRAS server has been functional for the last 2 years and my customer
claims no changes have been made. I have not known this customer to shirk
responsibility for a problem in the past so I tend to believe him.

The following troubleshooting steps have been attempted:

1. Restart server
2. route -f then restart of server
3. Disable RRAS then restart of server
4. Enable and reconfigure RRAS then restart server
5. Network Monitor of Internal NIC and PPP Interface.
A. No packets were being routed between the two interfaces.
6. Change of IP scope for RRAS
7. Connected workstation directly to the NIC on the RRAS server and verified
that the RRAS client could not be reached via pings.
A. This was performed simply to verify that the network configuration
was not conributing to the problem.

Server Configuration

Windows Server 2003 (I know this is a Win2K group but there wasn't a group
for RAS on W2K)
Service Pack 1
Single Network Interface
IP NAT'd through PIX Firewall to externally accessible IP
Hayes Optima 56K Modems for dial-in access
NIC IP: 10.0.1.11
Gateway: 255.255.255.0
RRAS Scope: 192.168.60.2 - 192.168.60.100

Thank you in advance for any assistance.

Jeff Rapp


IPROUTERMANAGER.LOG

[452] 17:24:49: RouterBootComplete: Signalling worker to enable forwarding
[484] 17:24:49: WorkerThread: **--Enabling forwarding--**
[5280] 17:24:49: RestoreStaticRoutes: restoring for
{DDF4C604-4505-4363-821C-A73DB7870441}
[5280] 17:24:49: RestoreStaticRoutes: Successfully set routes for
{DDF4C604-4505-4363-821C-A73DB7870441}
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Route addition failed with 57 for
[5280] 17:24:50: 10.0.1.0/255.255.255.0 Proto: 2 Metric 20
[5280] 17:24:50: Via 10.0.1.11/0x2 Type 3 Context 0x0
[5280] 17:24:50: Route addition failed with 57 for local route
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: ChangeRouteWithForwarder: Deleting all routes to
0.0.0.0/0.0.0.0
[5280] 17:24:50: Route addition succeeded for
[5280] 17:24:50: 0.0.0.0/0.0.0.0 Proto: 3 Metric 20
[5280] 17:24:50: Via 10.0.1.1/0x2 Type 4 Context 0x0
[5280] 17:24:50: Releasing routes to 0/0
[5280] 17:24:50: Releasing route enum for 0/0
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route 10.0.1.0/24
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route 224.0.0.0/4
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route
10.255.255.255/32
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route
255.255.255.255/32
[2224] 17:31:20: AddInterface: Adding administrator
[2224] 17:31:20: ICB number for administrator is 4
[2224] 17:31:20: ENTERED SetMcastLimitInfo for If ffffffff
[2224] 17:31:20: LEFT SetMcastLimitInfo
[2224] 17:31:20: ENTERED SetBoundaryInfo for If ffffffff
[2224] 17:31:20: LEFT SetBoundaryInfo
[1324] 17:31:20: Error adding route, Stack bit == 0
[1324] 17:31:20: ProcessDefaultRouteChanges: Not default route
24.140.102.183/32
[2224] 17:31:20: AddInterface: Added administrator: Type- 0, Index- -1, ICB
0x1b832a0
[484] 17:31:20: HandleMcMiscMessages: Received Address change notification
[484] 17:31:20: UpdateBindingInformation: Address
192.168.60.2/255.255.255.255 new for Internal
[484] 17:31:20: GenericInterfaceComingUp: Internal coming UP
[484] 17:31:20: CreateSockets: Joining ALL_ROUTERS on Internal
[484] 17:31:20: GenericInterfaceComingUp: Error 10049 joining all-routers
group on Internal
[484] 17:31:20: AddressChange: No address change for
{DDF4C604-4505-4363-821C-A73DB7870441}
[4236] 17:31:20: RestoreStaticRoutes: restoring for Internal
[4236] 17:31:20: RestoreStaticRoutes: Successfully set routes for Internal
[2224] 17:31:21: InterfaceConnected: InterfaceConnected called for
administrator. State is 3
[1324] 17:31:21: Error adding route, Stack bit == 0
[1324] 17:31:21: Route addition failed with 57 for
[1324] 17:31:21: 192.168.60.0/255.255.255.240 Proto: 3 Metric 1
[1324] 17:31:21: Via 192.168.60.2/0x10003 Type 3 Context 0x0
[1324] 17:31:21: Route addition failed with 57 for local route
[1324] 17:31:21: Error adding route, Stack bit == 0
[1324] 17:31:21: ProcessDefaultRouteChanges: Not default route
192.168.60.2/32
[1324] 17:31:21: ProcessDefaultRouteChanges: Not default route
192.168.60.0/28
[1408] 17:34:04: ENTERED SetScopeInfo
[1408] 17:34:04: LEFT SetScopeInfo
[2224] 17:34:43: DeleteInterface: Deleting administrator,
[1408] 17:35:22: ENTERED SetScopeInfo
[1408] 17:35:22: LEFT SetScopeInfo
[1408] 17:35:56: AccessIpStats: Signalling worker to enable forwarding
[1408] 17:35:56: AccessIpStats: Signalling worker to enable forwarding
 
Robert,

I checked saw many of your posts while researching this problem and checked
out your site, very informative site by the way, and none of the solutions
apply.

Remember that this also happens for dial-in clients so the firewall is not a
concern at this point. Here are the routing tables for the client and
server.

CLIENT ROUTING TABLE AFTER CONNECTION IS MADE

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Program Files\Windows Resource Kits\Tools>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 90 4b ad 42 4f ...... Broadcom 802.11b/g WLAN - Packet Scheduler
Mini
t
0x10004 ...00 10 c6 79 5c 9e ...... Bluetooth Device (Personal Area Network)
#2
0x40005 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.15.1 192.168.15.100 26
0.0.0.0 0.0.0.0 192.168.60.3 192.168.60.3 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.15.0 255.255.255.0 192.168.15.100 192.168.15.100 25
192.168.15.100 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.15.255 255.255.255.255 192.168.15.100 192.168.15.100 25
192.168.60.3 255.255.255.255 127.0.0.1 127.0.0.1 50
192.168.60.255 255.255.255.255 192.168.60.3 192.168.60.3 50
204.210.174.124 255.255.255.255 192.168.15.1 192.168.15.100 25
224.0.0.0 240.0.0.0 192.168.15.100 192.168.15.100 25
224.0.0.0 240.0.0.0 192.168.60.3 192.168.60.3 1
255.255.255.255 255.255.255.255 192.168.15.100 192.168.15.100 1
255.255.255.255 255.255.255.255 192.168.15.100 10004 1
255.255.255.255 255.255.255.255 192.168.60.3 192.168.60.3 1
Default Gateway: 192.168.60.3
===========================================================================
Persistent Routes:
None

SERVER ROUTING TABLE AFTER CONNECTION IS MADE

IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 50 8b f9 20 8f ...... HP NC3131 Fast Ethernet NIC #2
0x10003 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.1.1 10.0.1.11 20
10.0.1.0 255.255.255.0 10.0.1.11 10.0.1.11 20
10.0.1.11 255.255.255.255 127.0.0.1 127.0.0.1 20
10.255.255.255 255.255.255.255 10.0.1.11 10.0.1.11 20
24.140.102.183 255.255.255.255 10.0.1.1 10.0.1.11 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.60.2 255.255.255.255 127.0.0.1 127.0.0.1 50
192.168.60.3 255.255.255.255 192.168.60.2 192.168.60.2 1
224.0.0.0 240.0.0.0 10.0.1.11 10.0.1.11 20
255.255.255.255 255.255.255.255 10.0.1.11 10.0.1.11 1
Default Gateway: 10.0.1.1
===========================================================================
Persistent Routes:
None

Thanks for all your help with this issue.

Jeff



Posting the both client and server routing tables may help. Or check these
search results.

routing issues on vpn Can ping VPN server only but not other resources Can't
access the internal server when remote client establishes VPN Can't access
the Internet while using ...
www.chicagotech.net/routingissuesonvpn.htm

Can't ping remote computers VPN client can ping server only The VPN
client can ping the VPN server without problem. ... The ipconfig /all
display both NICs’ IPs are in the same IP ...
www.chicagotech.net/casestudy/notpingvpn.htm



Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
Good Evening all,

I have ran into a problem that is making me crazy and I am hoping that
someone has seen this before or may have some ideas.

Clients can connect to our RRAS server through both PPTP/L2TP and dial-up
connections and they will be authenticated on the network with no errors.

After connection I can access resources and ping the RRAS server with no
problems, however, I can not connect to or ping any other resource on the
network. There are no errors logged in the event viewer of the client,
RRAS
server or DCs on the network. When enabling the tracing for RRAS the only
errors in any logs are in the IPRouterManager.log file. The most recent
connection is shown in the log at the end of this post.

This RRAS server has been functional for the last 2 years and my customer
claims no changes have been made. I have not known this customer to shirk
responsibility for a problem in the past so I tend to believe him.

The following troubleshooting steps have been attempted:

1. Restart server
2. route -f then restart of server
3. Disable RRAS then restart of server
4. Enable and reconfigure RRAS then restart server
5. Network Monitor of Internal NIC and PPP Interface.
A. No packets were being routed between the two interfaces.
6. Change of IP scope for RRAS
7. Connected workstation directly to the NIC on the RRAS server and
verified
that the RRAS client could not be reached via pings.
A. This was performed simply to verify that the network configuration
was not conributing to the problem.

Server Configuration

Windows Server 2003 (I know this is a Win2K group but there wasn't a group
for RAS on W2K)
Service Pack 1
Single Network Interface
IP NAT'd through PIX Firewall to externally accessible IP
Hayes Optima 56K Modems for dial-in access
NIC IP: 10.0.1.11
Gateway: 255.255.255.0
RRAS Scope: 192.168.60.2 - 192.168.60.100

Thank you in advance for any assistance.

Jeff Rapp


IPROUTERMANAGER.LOG

[452] 17:24:49: RouterBootComplete: Signalling worker to enable forwarding
[484] 17:24:49: WorkerThread: **--Enabling forwarding--**
[5280] 17:24:49: RestoreStaticRoutes: restoring for
{DDF4C604-4505-4363-821C-A73DB7870441}
[5280] 17:24:49: RestoreStaticRoutes: Successfully set routes for
{DDF4C604-4505-4363-821C-A73DB7870441}
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Route addition failed with 57 for
[5280] 17:24:50: 10.0.1.0/255.255.255.0 Proto: 2 Metric 20
[5280] 17:24:50: Via 10.0.1.11/0x2 Type 3 Context 0x0
[5280] 17:24:50: Route addition failed with 57 for local route
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: ChangeRouteWithForwarder: Deleting all routes to
0.0.0.0/0.0.0.0
[5280] 17:24:50: Route addition succeeded for
[5280] 17:24:50: 0.0.0.0/0.0.0.0 Proto: 3 Metric 20
[5280] 17:24:50: Via 10.0.1.1/0x2 Type 4 Context 0x0
[5280] 17:24:50: Releasing routes to 0/0
[5280] 17:24:50: Releasing route enum for 0/0
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route 10.0.1.0/24
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route 224.0.0.0/4
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route
10.255.255.255/32
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route
255.255.255.255/32
[2224] 17:31:20: AddInterface: Adding administrator
[2224] 17:31:20: ICB number for administrator is 4
[2224] 17:31:20: ENTERED SetMcastLimitInfo for If ffffffff
[2224] 17:31:20: LEFT SetMcastLimitInfo
[2224] 17:31:20: ENTERED SetBoundaryInfo for If ffffffff
[2224] 17:31:20: LEFT SetBoundaryInfo
[1324] 17:31:20: Error adding route, Stack bit == 0
[1324] 17:31:20: ProcessDefaultRouteChanges: Not default route
24.140.102.183/32
[2224] 17:31:20: AddInterface: Added administrator: Type- 0, Index- -1,
ICB
0x1b832a0
[484] 17:31:20: HandleMcMiscMessages: Received Address change notification
[484] 17:31:20: UpdateBindingInformation: Address
192.168.60.2/255.255.255.255 new for Internal
[484] 17:31:20: GenericInterfaceComingUp: Internal coming UP
[484] 17:31:20: CreateSockets: Joining ALL_ROUTERS on Internal
[484] 17:31:20: GenericInterfaceComingUp: Error 10049 joining all-routers
group on Internal
[484] 17:31:20: AddressChange: No address change for
{DDF4C604-4505-4363-821C-A73DB7870441}
[4236] 17:31:20: RestoreStaticRoutes: restoring for Internal
[4236] 17:31:20: RestoreStaticRoutes: Successfully set routes for Internal
[2224] 17:31:21: InterfaceConnected: InterfaceConnected called for
administrator. State is 3
[1324] 17:31:21: Error adding route, Stack bit == 0
[1324] 17:31:21: Route addition failed with 57 for
[1324] 17:31:21: 192.168.60.0/255.255.255.240 Proto: 3 Metric 1
[1324] 17:31:21: Via 192.168.60.2/0x10003 Type 3 Context 0x0
[1324] 17:31:21: Route addition failed with 57 for local route
[1324] 17:31:21: Error adding route, Stack bit == 0
[1324] 17:31:21: ProcessDefaultRouteChanges: Not default route
192.168.60.2/32
[1324] 17:31:21: ProcessDefaultRouteChanges: Not default route
192.168.60.0/28
[1408] 17:34:04: ENTERED SetScopeInfo
[1408] 17:34:04: LEFT SetScopeInfo
[2224] 17:34:43: DeleteInterface: Deleting administrator,
[1408] 17:35:22: ENTERED SetScopeInfo
[1408] 17:35:22: LEFT SetScopeInfo
[1408] 17:35:56: AccessIpStats: Signalling worker to enable forwarding
[1408] 17:35:56: AccessIpStats: Signalling worker to enable forwarding
 
Hi All,

Figured it out. Thanks to MSFT support. According to MSFT support Trend
Micro Office Scan client can cause this issue. I uninstalled the Officescan
client and the RRAS server started working again. There is not a document
published on this yet and there are no errors recorded in any tracing or
event log file that indicates there is a problem.

According to MSFT support this can also happen with the WebSense Internet
filtering product.

Thanks for the help.

Jeff
Posting the both client and server routing tables may help. Or check these
search results.

routing issues on vpn Can ping VPN server only but not other resources Can't
access the internal server when remote client establishes VPN Can't access
the Internet while using ...
www.chicagotech.net/routingissuesonvpn.htm

Can't ping remote computers VPN client can ping server only The VPN
client can ping the VPN server without problem. ... The ipconfig /all
display both NICs’ IPs are in the same IP ...
www.chicagotech.net/casestudy/notpingvpn.htm



Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
Good Evening all,

I have ran into a problem that is making me crazy and I am hoping that
someone has seen this before or may have some ideas.

Clients can connect to our RRAS server through both PPTP/L2TP and dial-up
connections and they will be authenticated on the network with no errors.

After connection I can access resources and ping the RRAS server with no
problems, however, I can not connect to or ping any other resource on the
network. There are no errors logged in the event viewer of the client,
RRAS
server or DCs on the network. When enabling the tracing for RRAS the only
errors in any logs are in the IPRouterManager.log file. The most recent
connection is shown in the log at the end of this post.

This RRAS server has been functional for the last 2 years and my customer
claims no changes have been made. I have not known this customer to shirk
responsibility for a problem in the past so I tend to believe him.

The following troubleshooting steps have been attempted:

1. Restart server
2. route -f then restart of server
3. Disable RRAS then restart of server
4. Enable and reconfigure RRAS then restart server
5. Network Monitor of Internal NIC and PPP Interface.
A. No packets were being routed between the two interfaces.
6. Change of IP scope for RRAS
7. Connected workstation directly to the NIC on the RRAS server and
verified
that the RRAS client could not be reached via pings.
A. This was performed simply to verify that the network configuration
was not conributing to the problem.

Server Configuration

Windows Server 2003 (I know this is a Win2K group but there wasn't a group
for RAS on W2K)
Service Pack 1
Single Network Interface
IP NAT'd through PIX Firewall to externally accessible IP
Hayes Optima 56K Modems for dial-in access
NIC IP: 10.0.1.11
Gateway: 255.255.255.0
RRAS Scope: 192.168.60.2 - 192.168.60.100

Thank you in advance for any assistance.

Jeff Rapp


IPROUTERMANAGER.LOG

[452] 17:24:49: RouterBootComplete: Signalling worker to enable forwarding
[484] 17:24:49: WorkerThread: **--Enabling forwarding--**
[5280] 17:24:49: RestoreStaticRoutes: restoring for
{DDF4C604-4505-4363-821C-A73DB7870441}
[5280] 17:24:49: RestoreStaticRoutes: Successfully set routes for
{DDF4C604-4505-4363-821C-A73DB7870441}
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Route addition failed with 57 for
[5280] 17:24:50: 10.0.1.0/255.255.255.0 Proto: 2 Metric 20
[5280] 17:24:50: Via 10.0.1.11/0x2 Type 3 Context 0x0
[5280] 17:24:50: Route addition failed with 57 for local route
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: ChangeRouteWithForwarder: Deleting all routes to
0.0.0.0/0.0.0.0
[5280] 17:24:50: Route addition succeeded for
[5280] 17:24:50: 0.0.0.0/0.0.0.0 Proto: 3 Metric 20
[5280] 17:24:50: Via 10.0.1.1/0x2 Type 4 Context 0x0
[5280] 17:24:50: Releasing routes to 0/0
[5280] 17:24:50: Releasing route enum for 0/0
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route 10.0.1.0/24
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route 224.0.0.0/4
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route
10.255.255.255/32
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route
255.255.255.255/32
[2224] 17:31:20: AddInterface: Adding administrator
[2224] 17:31:20: ICB number for administrator is 4
[2224] 17:31:20: ENTERED SetMcastLimitInfo for If ffffffff
[2224] 17:31:20: LEFT SetMcastLimitInfo
[2224] 17:31:20: ENTERED SetBoundaryInfo for If ffffffff
[2224] 17:31:20: LEFT SetBoundaryInfo
[1324] 17:31:20: Error adding route, Stack bit == 0
[1324] 17:31:20: ProcessDefaultRouteChanges: Not default route
24.140.102.183/32
[2224] 17:31:20: AddInterface: Added administrator: Type- 0, Index- -1,
ICB
0x1b832a0
[484] 17:31:20: HandleMcMiscMessages: Received Address change notification
[484] 17:31:20: UpdateBindingInformation: Address
192.168.60.2/255.255.255.255 new for Internal
[484] 17:31:20: GenericInterfaceComingUp: Internal coming UP
[484] 17:31:20: CreateSockets: Joining ALL_ROUTERS on Internal
[484] 17:31:20: GenericInterfaceComingUp: Error 10049 joining all-routers
group on Internal
[484] 17:31:20: AddressChange: No address change for
{DDF4C604-4505-4363-821C-A73DB7870441}
[4236] 17:31:20: RestoreStaticRoutes: restoring for Internal
[4236] 17:31:20: RestoreStaticRoutes: Successfully set routes for Internal
[2224] 17:31:21: InterfaceConnected: InterfaceConnected called for
administrator. State is 3
[1324] 17:31:21: Error adding route, Stack bit == 0
[1324] 17:31:21: Route addition failed with 57 for
[1324] 17:31:21: 192.168.60.0/255.255.255.240 Proto: 3 Metric 1
[1324] 17:31:21: Via 192.168.60.2/0x10003 Type 3 Context 0x0
[1324] 17:31:21: Route addition failed with 57 for local route
[1324] 17:31:21: Error adding route, Stack bit == 0
[1324] 17:31:21: ProcessDefaultRouteChanges: Not default route
192.168.60.2/32
[1324] 17:31:21: ProcessDefaultRouteChanges: Not default route
192.168.60.0/28
[1408] 17:34:04: ENTERED SetScopeInfo
[1408] 17:34:04: LEFT SetScopeInfo
[2224] 17:34:43: DeleteInterface: Deleting administrator,
[1408] 17:35:22: ENTERED SetScopeInfo
[1408] 17:35:22: LEFT SetScopeInfo
[1408] 17:35:56: AccessIpStats: Signalling worker to enable forwarding
[1408] 17:35:56: AccessIpStats: Signalling worker to enable forwarding
 
Jeff,

Thank you for the feedback.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
Hi All,

Figured it out. Thanks to MSFT support. According to MSFT support Trend
Micro Office Scan client can cause this issue. I uninstalled the Officescan
client and the RRAS server started working again. There is not a document
published on this yet and there are no errors recorded in any tracing or
event log file that indicates there is a problem.

According to MSFT support this can also happen with the WebSense Internet
filtering product.

Thanks for the help.

Jeff
Posting the both client and server routing tables may help. Or check these
search results.

routing issues on vpn Can ping VPN server only but not other resources Can't
access the internal server when remote client establishes VPN Can't access
the Internet while using ...
www.chicagotech.net/routingissuesonvpn.htm

Can't ping remote computers VPN client can ping server only The VPN
client can ping the VPN server without problem. ... The ipconfig /all
display both NICs’ IPs are in the same IP ...
www.chicagotech.net/casestudy/notpingvpn.htm



Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
Good Evening all,

I have ran into a problem that is making me crazy and I am hoping that
someone has seen this before or may have some ideas.

Clients can connect to our RRAS server through both PPTP/L2TP and dial-up
connections and they will be authenticated on the network with no errors.

After connection I can access resources and ping the RRAS server with no
problems, however, I can not connect to or ping any other resource on the
network. There are no errors logged in the event viewer of the client,
RRAS
server or DCs on the network. When enabling the tracing for RRAS the only
errors in any logs are in the IPRouterManager.log file. The most recent
connection is shown in the log at the end of this post.

This RRAS server has been functional for the last 2 years and my customer
claims no changes have been made. I have not known this customer to shirk
responsibility for a problem in the past so I tend to believe him.

The following troubleshooting steps have been attempted:

1. Restart server
2. route -f then restart of server
3. Disable RRAS then restart of server
4. Enable and reconfigure RRAS then restart server
5. Network Monitor of Internal NIC and PPP Interface.
A. No packets were being routed between the two interfaces.
6. Change of IP scope for RRAS
7. Connected workstation directly to the NIC on the RRAS server and
verified
that the RRAS client could not be reached via pings.
A. This was performed simply to verify that the network configuration
was not conributing to the problem.

Server Configuration

Windows Server 2003 (I know this is a Win2K group but there wasn't a group
for RAS on W2K)
Service Pack 1
Single Network Interface
IP NAT'd through PIX Firewall to externally accessible IP
Hayes Optima 56K Modems for dial-in access
NIC IP: 10.0.1.11
Gateway: 255.255.255.0
RRAS Scope: 192.168.60.2 - 192.168.60.100

Thank you in advance for any assistance.

Jeff Rapp


IPROUTERMANAGER.LOG

[452] 17:24:49: RouterBootComplete: Signalling worker to enable forwarding
[484] 17:24:49: WorkerThread: **--Enabling forwarding--**
[5280] 17:24:49: RestoreStaticRoutes: restoring for
{DDF4C604-4505-4363-821C-A73DB7870441}
[5280] 17:24:49: RestoreStaticRoutes: Successfully set routes for
{DDF4C604-4505-4363-821C-A73DB7870441}
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Route addition failed with 57 for
[5280] 17:24:50: 10.0.1.0/255.255.255.0 Proto: 2 Metric 20
[5280] 17:24:50: Via 10.0.1.11/0x2 Type 3 Context 0x0
[5280] 17:24:50: Route addition failed with 57 for local route
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: ChangeRouteWithForwarder: Deleting all routes to
0.0.0.0/0.0.0.0
[5280] 17:24:50: Route addition succeeded for
[5280] 17:24:50: 0.0.0.0/0.0.0.0 Proto: 3 Metric 20
[5280] 17:24:50: Via 10.0.1.1/0x2 Type 4 Context 0x0
[5280] 17:24:50: Releasing routes to 0/0
[5280] 17:24:50: Releasing route enum for 0/0
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route 10.0.1.0/24
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route 224.0.0.0/4
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route
10.255.255.255/32
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route
255.255.255.255/32
[2224] 17:31:20: AddInterface: Adding administrator
[2224] 17:31:20: ICB number for administrator is 4
[2224] 17:31:20: ENTERED SetMcastLimitInfo for If ffffffff
[2224] 17:31:20: LEFT SetMcastLimitInfo
[2224] 17:31:20: ENTERED SetBoundaryInfo for If ffffffff
[2224] 17:31:20: LEFT SetBoundaryInfo
[1324] 17:31:20: Error adding route, Stack bit == 0
[1324] 17:31:20: ProcessDefaultRouteChanges: Not default route
24.140.102.183/32
[2224] 17:31:20: AddInterface: Added administrator: Type- 0, Index- -1,
ICB
0x1b832a0
[484] 17:31:20: HandleMcMiscMessages: Received Address change notification
[484] 17:31:20: UpdateBindingInformation: Address
192.168.60.2/255.255.255.255 new for Internal
[484] 17:31:20: GenericInterfaceComingUp: Internal coming UP
[484] 17:31:20: CreateSockets: Joining ALL_ROUTERS on Internal
[484] 17:31:20: GenericInterfaceComingUp: Error 10049 joining all-routers
group on Internal
[484] 17:31:20: AddressChange: No address change for
{DDF4C604-4505-4363-821C-A73DB7870441}
[4236] 17:31:20: RestoreStaticRoutes: restoring for Internal
[4236] 17:31:20: RestoreStaticRoutes: Successfully set routes for Internal
[2224] 17:31:21: InterfaceConnected: InterfaceConnected called for
administrator. State is 3
[1324] 17:31:21: Error adding route, Stack bit == 0
[1324] 17:31:21: Route addition failed with 57 for
[1324] 17:31:21: 192.168.60.0/255.255.255.240 Proto: 3 Metric 1
[1324] 17:31:21: Via 192.168.60.2/0x10003 Type 3 Context 0x0
[1324] 17:31:21: Route addition failed with 57 for local route
[1324] 17:31:21: Error adding route, Stack bit == 0
[1324] 17:31:21: ProcessDefaultRouteChanges: Not default route
192.168.60.2/32
[1324] 17:31:21: ProcessDefaultRouteChanges: Not default route
192.168.60.0/28
[1408] 17:34:04: ENTERED SetScopeInfo
[1408] 17:34:04: LEFT SetScopeInfo
[2224] 17:34:43: DeleteInterface: Deleting administrator,
[1408] 17:35:22: ENTERED SetScopeInfo
[1408] 17:35:22: LEFT SetScopeInfo
[1408] 17:35:56: AccessIpStats: Signalling worker to enable forwarding
[1408] 17:35:56: AccessIpStats: Signalling worker to enable forwarding
 
Back
Top