Home | Site Map | Cisco How To Net How To | Wireless | Search | Forums | Services | Setup Guide | Chicagotech MVP | About Us | Contact Us|

 

Can ping the RRAS server but other resources because of Office Scan client

I have ran into a problem that is making me crazy and I am hoping that
someone has seen this before or may have some ideas.

Clients can connect to our RRAS server through both PPTP/L2TP and dial-up
connections and they will be authenticated on the network with no errors.

After connection I can access resources and ping the RRAS server with no
problems, however, I can not connect to or ping any other resource on the
network. There are no errors logged in the event viewer of the client, RRAS
server or DCs on the network. When enabling the tracing for RRAS the only
errors in any logs are in the IPRouterManager.log file. The most recent
connection is shown in the log at the end of this post.

This RRAS server has been functional for the last 2 years and my customer
claims no changes have been made. I have not known this customer to shirk
responsibility for a problem in the past so I tend to believe him.

The following troubleshooting steps have been attempted:

1. Restart server
2. route -f  then restart of server
3. Disable RRAS then restart of server
4. Enable and reconfigure RRAS then restart server
5. Network Monitor of Internal NIC and PPP Interface.
    A. No packets were being routed between the two interfaces.
6. Change of IP scope for RRAS
7. Connected workstation directly to the NIC on the RRAS server and verified
that the RRAS client could not be reached via pings.
    A. This was performed simply to verify that the network configuration
was not contributing to the problem.

Server Configuration

Windows Server 2003 (I know this is a Win2K group but there wasn't a group
for RAS on W2K)
Service Pack 1
Single Network Interface
IP NAT'd through PIX Firewall to externally accessible IP
Hayes Optima 56K Modems for dial-in access
NIC IP: 10.0.1.11
Gateway: 255.255.255.0
RRAS Scope: 192.168.60.2 - 192.168.60.100

Thank you in advance for any assistance.

Jeff Rapp


IPROUTERMANAGER.LOG

[452] 17:24:49: RouterBootComplete: Signalling worker to enable forwarding
[484] 17:24:49: WorkerThread: **--Enabling forwarding--**
[5280] 17:24:49: RestoreStaticRoutes: restoring for
{DDF4C604-4505-4363-821C-A73DB7870441}
[5280] 17:24:49: RestoreStaticRoutes: Successfully set routes for
{DDF4C604-4505-4363-821C-A73DB7870441}
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Route addition failed with 57 for
[5280] 17:24:50: 10.0.1.0/255.255.255.0 Proto: 2 Metric 20
[5280] 17:24:50: Via 10.0.1.11/0x2 Type 3 Context 0x0
[5280] 17:24:50: Route addition failed with 57 for local route
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: ChangeRouteWithForwarder: Deleting all routes to
0.0.0.0/0.0.0.0
[5280] 17:24:50: Route addition succeeded for
[5280] 17:24:50: 0.0.0.0/0.0.0.0 Proto: 3 Metric 20
[5280] 17:24:50: Via 10.0.1.1/0x2 Type 4 Context 0x0
[5280] 17:24:50: Releasing routes to 0/0
[5280] 17:24:50: Releasing route enum for 0/0
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route 10.0.1.0/24
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route 224.0.0.0/4
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: Error adding route, Stack bit == 0
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route
10.255.255.255/32
[5280] 17:24:50: ProcessDefaultRouteChanges: Not default route
255.255.255.255/32
[2224] 17:31:20: AddInterface: Adding administrator
[2224] 17:31:20: ICB number for administrator is 4
[2224] 17:31:20: ENTERED SetMcastLimitInfo for If ffffffff
[2224] 17:31:20: LEFT SetMcastLimitInfo
[2224] 17:31:20: ENTERED SetBoundaryInfo for If ffffffff
[2224] 17:31:20: LEFT SetBoundaryInfo
[1324] 17:31:20: Error adding route, Stack bit == 0
[1324] 17:31:20: ProcessDefaultRouteChanges: Not default route
24.140.102.183/32
[2224] 17:31:20: AddInterface: Added administrator: Type- 0, Index- -1, ICB
0x1b832a0
[484] 17:31:20: HandleMcMiscMessages: Received Address change notification
[484] 17:31:20: UpdateBindingInformation: Address
192.168.60.2/255.255.255.255 new for Internal
[484] 17:31:20: GenericInterfaceComingUp: Internal coming UP
[484] 17:31:20: CreateSockets: Joining ALL_ROUTERS on Internal
[484] 17:31:20: GenericInterfaceComingUp: Error 10049 joining all-routers
group on Internal
[484] 17:31:20: AddressChange: No address change for
{DDF4C604-4505-4363-821C-A73DB7870441}
[4236] 17:31:20: RestoreStaticRoutes: restoring for Internal
[4236] 17:31:20: RestoreStaticRoutes: Successfully set routes for Internal
[2224] 17:31:21: InterfaceConnected: InterfaceConnected called for
administrator. State is 3
[1324] 17:31:21: Error adding route, Stack bit == 0
[1324] 17:31:21: Route addition failed with 57 for
[1324] 17:31:21: 192.168.60.0/255.255.255.240 Proto: 3 Metric 1
[1324] 17:31:21: Via 192.168.60.2/0x10003 Type 3 Context 0x0
[1324] 17:31:21: Route addition failed with 57 for local route
[1324] 17:31:21: Error adding route, Stack bit == 0
[1324] 17:31:21: ProcessDefaultRouteChanges: Not default route
192.168.60.2/32
[1324] 17:31:21: ProcessDefaultRouteChanges: Not default route
192.168.60.0/28
[1408] 17:34:04: ENTERED SetScopeInfo
[1408] 17:34:04: LEFT SetScopeInfo
[2224] 17:34:43: DeleteInterface: Deleting administrator,
[1408] 17:35:22: ENTERED SetScopeInfo
[1408] 17:35:22: LEFT SetScopeInfo
[1408] 17:35:56: AccessIpStats: Signalling worker to enable forwarding
[1408] 17:35:56: AccessIpStats: Signalling worker to enable forwarding

 

Figured it out. Thanks to MSFT support. According to MSFT support Trend
Micro Office Scan client can cause this issue. I uninstalled the Officescan
client and the RRAS server started working again. There is not a document
published on this yet and there are no errors recorded in any tracing or
event log file that indicates there is a problem.

According to MSFT support this can also happen with the WebSense Internet
filtering product.

Thanks for the help.

Related Topics

vpn client can ping server only

Situation: one of our clients setup a VPN on windows server. The VPN client can ping the VPN server without problem. However, they canít access other ...
www.chicagotech.net/casestudy/vpn1.htm

Can ping VPN server but can't access it

Can ping VPN server but receive System error 53 using net use. Q1: I can establish VPN and ping remote computers. However, I can't access remote computer ...
www.chicagotech.net/VPN/vpn&firewall.htm

can't ping remote computers

I can connect to my VPN server without any problems. Once connected, I can ping both of the local network interfaces of the VPN server. But I can't ping any ...
chicagotech.net/Q&A/vpn21.htm

 

 

 

 

  This web is provided "AS IS" with no warranties.
Copyright © 2002-2017 ChicagoTech.net, All rights reserved. Unauthorized reproduction forbidden.