Vista VPN subnet issue when not the connected client

[Guest]

When connecting to a windows 2003 server if the vista client is the first
machine it gets the correct subnet: 255.255.240.0 and gets a correct routing
table. If the client connects after any machine then it gets assigned a
subnet of 255.255.255.0. This only happens with vista machines and this
occurs regardless of patch levels.

There are no errors as such, just this unusual behaviour.

I am hoping that someone else has experience with this as this only appears
with Vista clients.

Cheers,

Jim

 

[Robert L [MVP - Networking]]

This is interesting case. Can you post the result of ipconfig /all?

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
When connecting to a windows 2003 server if the vista client is the first
machine it gets the correct subnet: 255.255.240.0 and gets a correct routing
table. If the client connects after any machine then it gets assigned a
subnet of 255.255.255.0. This only happens with vista machines and this
occurs regardless of patch levels.

There are no errors as such, just this unusual behaviour.

I am hoping that someone else has experience with this as this only appears
with Vista clients.

Cheers,

Jim

 

[Guest]

Hi Robert,

Certainly, this is the output from a machine with no tweaks and the vpn
enabled:

Windows IP Configuration

Host Name . . . . . . . . . . . . : titan-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

PPP adapter VPN Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VPN Connection
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.32.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 85.232.32.10
85.232.32.11
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Dual Port
Network Connection #2
Physical Address. . . . . . . . . : 00-30-48-2C-3B-21
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f1d9:fd50:9058:4a9c%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.10.52(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 14 May 2007 15:37:04
Lease Expires . . . . . . . . . . : 17 May 2007 16:36:57
Default Gateway . . . . . . . . . : 192.168.10.1
DHCP Server . . . . . . . . . . . : 192.168.10.1
DHCPv6 IAID . . . . . . . . . . . : 234893384
DNS Servers . . . . . . . . . . . : 217.77.176.10
85.232.32.10
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Dual Port
Network Connection
Physical Address. . . . . . . . . : 00-30-48-2C-3B-20
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . :
isatap.{596FD16A-DE67-4D47-9FBD-3CFF96E4E6BB}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . :
isatap.{0AF5F0B3-10F0-4A12-A07B-224671D87F6B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.10.52%10(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 217.77.176.10
85.232.32.10
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.32.6%17(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 85.232.32.10
85.232.32.11
NetBIOS over Tcpip. . . . . . . . : Disabled

Cheers,

Jim

 

[Robert L [MVP - Networking]]

Do you mean subnet 255.255.255.255 or 255.255.255.0? If it is 255.255.255.255, this is by design. What's the problem if Vista establishes the VPN after other VPN client? Can you ping the remote server by IP?

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
Hi Robert,

Certainly, this is the output from a machine with no tweaks and the vpn
enabled:

Windows IP Configuration

Host Name . . . . . . . . . . . . : titan-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

PPP adapter VPN Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VPN Connection
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.32.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 85.232.32.10
85.232.32.11
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Dual Port
Network Connection #2
Physical Address. . . . . . . . . : 00-30-48-2C-3B-21
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f1d9:fd50:9058:4a9c%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.10.52(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 14 May 2007 15:37:04
Lease Expires . . . . . . . . . . : 17 May 2007 16:36:57
Default Gateway . . . . . . . . . : 192.168.10.1
DHCP Server . . . . . . . . . . . : 192.168.10.1
DHCPv6 IAID . . . . . . . . . . . : 234893384
DNS Servers . . . . . . . . . . . : 217.77.176.10
85.232.32.10
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Dual Port
Network Connection
Physical Address. . . . . . . . . : 00-30-48-2C-3B-20
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . :
isatap.{596FD16A-DE67-4D47-9FBD-3CFF96E4E6BB}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . :
isatap.{0AF5F0B3-10F0-4A12-A07B-224671D87F6B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.10.52%10(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 217.77.176.10
85.232.32.10
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.32.6%17(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 85.232.32.10
85.232.32.11
NetBIOS over Tcpip. . . . . . . . : Disabled

Cheers,

Jim

 

[Guest]

Hi,

The problem seems to be one of routing, from a route print perspective if
the vpn server is connected to first by the vista machine then it gets the
first route table, if it connects at any subsequent point it gets the second.
I presumed that it was the subnet that was the cause. I even added a static
route on the windows 2003 rras server but that did not make a difference. As
for pings, I can ping the server but nothing beyond the scope of the
255.255.255.0 subnet that I get assigned.

1)
===========================================================================
Interface List
19 ........................... VPN Connection
9 ...00 15 f2 a7 f0 c2 ...... Marvell Yukon 88E8053 PCI-E Gigabit Ethernet
Con
troller
8 ...00 15 f2 a7 f1 18 ...... NVIDIA nForce Networking Controller
1 ........................... Software Loopback Interface 1
10 ...00 00 00 00 00 00 00 e0 isatap.{8F102E33-2443-4AE2-89DE-E64CF0AB004D}
11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
12 ...00 00 00 00 00 00 00 e0 isatap.{44642B0B-DF26-4FD3-B477-886504E16CD9}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.10.1 192.168.10.109 266
85.232.44.12 255.255.255.255 192.168.10.1 192.168.10.109 11
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.10.0 255.255.255.0 On-link 192.168.10.109 266
192.168.10.109 255.255.255.255 On-link 192.168.10.109 266
192.168.10.255 255.255.255.255 On-link 192.168.10.109 266
192.168.32.0 255.255.240.0 On-link 192.168.32.3 11
192.168.32.3 255.255.255.255 On-link 192.168.32.3 266
192.168.47.255 255.255.255.255 On-link 192.168.32.3 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.10.109 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.10.109 266
255.255.255.255 255.255.255.255 On-link 192.168.32.3 266
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.10.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
9 266 fe80::/64 On-link
9 266 fe80::b024:e5b2:870a:d6d5/128
On-link
1 306 ff00::/8 On-link
9 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

2) ===========================================================================
Interface List
19 ........................... VPN Connection
9 ...00 15 f2 a7 f0 c2 ...... Marvell Yukon 88E8053 PCI-E Gigabit Ethernet
Con
troller
8 ...00 15 f2 a7 f1 18 ...... NVIDIA nForce Networking Controller
1 ........................... Software Loopback Interface 1
10 ...00 00 00 00 00 00 00 e0 isatap.{8F102E33-2443-4AE2-89DE-E64CF0AB004D}
11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
12 ...00 00 00 00 00 00 00 e0 isatap.{44642B0B-DF26-4FD3-B477-886504E16CD9}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.10.1 192.168.10.109 266
85.232.44.12 255.255.255.255 192.168.10.1 192.168.10.109 11
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.10.0 255.255.255.0 On-link 192.168.10.109 266
192.168.10.109 255.255.255.255 On-link 192.168.10.109 266
192.168.10.255 255.255.255.255 On-link 192.168.10.109 266
192.168.32.0 255.255.255.0 192.168.32.10 192.168.32.5 11
192.168.32.5 255.255.255.255 On-link 192.168.32.5 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.10.109 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.10.109 266
255.255.255.255 255.255.255.255 On-link 192.168.32.5 266
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.10.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
9 266 fe80::/64 On-link
9 266 fe80::b024:e5b2:870a:d6d5/128
On-link
1 306 ff00::/8 On-link
9 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

Cheers,

Jim

 

[Robert L [MVP - Networking]]

Can I also assume this is multihomed computer?

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
Hi,

The problem seems to be one of routing, from a route print perspective if
the vpn server is connected to first by the vista machine then it gets the
first route table, if it connects at any subsequent point it gets the second.
I presumed that it was the subnet that was the cause. I even added a static
route on the windows 2003 rras server but that did not make a difference. As
for pings, I can ping the server but nothing beyond the scope of the
255.255.255.0 subnet that I get assigned.

1)
===========================================================================
Interface List
19 ........................... VPN Connection
9 ...00 15 f2 a7 f0 c2 ...... Marvell Yukon 88E8053 PCI-E Gigabit Ethernet
Con
troller
8 ...00 15 f2 a7 f1 18 ...... NVIDIA nForce Networking Controller
1 ........................... Software Loopback Interface 1
10 ...00 00 00 00 00 00 00 e0 isatap.{8F102E33-2443-4AE2-89DE-E64CF0AB004D}
11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
12 ...00 00 00 00 00 00 00 e0 isatap.{44642B0B-DF26-4FD3-B477-886504E16CD9}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.10.1 192.168.10.109 266
85.232.44.12 255.255.255.255 192.168.10.1 192.168.10.109 11
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.10.0 255.255.255.0 On-link 192.168.10.109 266
192.168.10.109 255.255.255.255 On-link 192.168.10.109 266
192.168.10.255 255.255.255.255 On-link 192.168.10.109 266
192.168.32.0 255.255.240.0 On-link 192.168.32.3 11
192.168.32.3 255.255.255.255 On-link 192.168.32.3 266
192.168.47.255 255.255.255.255 On-link 192.168.32.3 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.10.109 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.10.109 266
255.255.255.255 255.255.255.255 On-link 192.168.32.3 266
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.10.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
9 266 fe80::/64 On-link
9 266 fe80::b024:e5b2:870a:d6d5/128
On-link
1 306 ff00::/8 On-link
9 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

2) ===========================================================================
Interface List
19 ........................... VPN Connection
9 ...00 15 f2 a7 f0 c2 ...... Marvell Yukon 88E8053 PCI-E Gigabit Ethernet
Con
troller
8 ...00 15 f2 a7 f1 18 ...... NVIDIA nForce Networking Controller
1 ........................... Software Loopback Interface 1
10 ...00 00 00 00 00 00 00 e0 isatap.{8F102E33-2443-4AE2-89DE-E64CF0AB004D}
11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
12 ...00 00 00 00 00 00 00 e0 isatap.{44642B0B-DF26-4FD3-B477-886504E16CD9}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.10.1 192.168.10.109 266
85.232.44.12 255.255.255.255 192.168.10.1 192.168.10.109 11
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.10.0 255.255.255.0 On-link 192.168.10.109 266
192.168.10.109 255.255.255.255 On-link 192.168.10.109 266
192.168.10.255 255.255.255.255 On-link 192.168.10.109 266
192.168.32.0 255.255.255.0 192.168.32.10 192.168.32.5 11
192.168.32.5 255.255.255.255 On-link 192.168.32.5 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.10.109 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.10.109 266
255.255.255.255 255.255.255.255 On-link 192.168.32.5 266
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.10.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
9 266 fe80::/64 On-link
9 266 fe80::b024:e5b2:870a:d6d5/128
On-link
1 306 ff00::/8 On-link
9 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

Cheers,

Jim

 

[Aanand Ramachandran]

Hi Titan,
This is a known issue in Vista which has been fixed in SP1 Beta. For RTM
please refer KB #933340. (http://support.microsoft.com/kb/933340/en-us).
Follow the instructions to get the hotfix and to set certain registry keys.
This should solve your problem. If not please contact me at
(e-mail address removed)

thanks
Aanand

 

[Robert L [MVP - Networking]]

Aanand, thank you for the input.


Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
Hi Titan,
This is a known issue in Vista which has been fixed in SP1 Beta. For RTM
please refer KB #933340. (http://support.microsoft.com/kb/933340/en-us).
Follow the instructions to get the hotfix and to set certain registry keys.
This should solve your problem. If not please contact me at
(e-mail address removed)

thanks
Aanand

 

[Guest]

Aanand, thanks for your time, that worked perfectly.