C
Citizen0100
Hello,
Our DA/VPN servers have worked well for years (setup before I joined the company) but we recently decided to add two new Server 2012 R2 servers to the cluster. I went through the process to add the servers in Remote Access Management Console and the first server joined without and issue but when users connect their VPN, DNS doesnt work.
So I checked the routing and a strange active route has been added during the server add i.e. 10.2.44.80. This IP doesnt relate to anything on our network.
I tried removing the server from the cluster and sure enough the route was deleted and then added itself when I re-added it.
I can see this IP in the DA sever GPO but I cant see this line when I edit the GPO and as I said I dont know what it is or what the probe address is as this isnt whats set in the console:
Software\Policies\Microsoft\Windows\RemoteAccess\Config\GlobalWebProbeURL directaccess-WebProbeHost.kingspan.net
Software\Policies\Microsoft\Windows\RemoteAccess\Config\InternalVIPs 10.2.44.80/255.255.255.0
Software\Policies\Microsoft\Windows\RemoteAccess\Config\InternetVIPs 10.2.44.80/255.255.255.0
I should point out that the old servers have no mention of 10.2.44.80 in their routing table.
the table:
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.2.2.249 10.2.2.82 266
10.0.0.0 255.0.0.0 10.2.44.249 10.2.44.82 6
10.0.0.0 255.0.0.0 10.2.44.249 10.2.44.80 51
10.2.44.0 255.255.255.0 On-link 10.2.44.82 261
10.2.44.0 255.255.255.0 On-link 10.2.44.80 306
10.2.44.80 255.255.255.255 On-link 10.2.44.80 306
10.2.44.82 255.255.255.255 On-link 10.2.44.82 261
10.2.44.255 255.255.255.255 On-link 10.2.44.82 261
10.2.44.255 255.255.255.255 On-link 10.2.44.80 306
10.2.2.0 255.255.255.0 On-link 10.2.2.82 266
10.2.2.82 255.255.255.255 On-link 10.2.2.82 266
10.2.2.255 255.255.255.255 On-link 10.2.2.82 266
10.2.111.1 255.255.255.255 On-link 10.2.111.1 306
127.0.0.0 255.0.0.0 On-link 10.2.44.80 306
127.0.0.1 255.255.255.255 On-link 10.2.44.80 306
127.255.255.255 255.255.255.255 On-link 10.2.44.80 306
172.16.0.0 255.240.0.0 10.2.44.249 10.2.44.82 6
172.16.0.0 255.240.0.0 10.2.44.249 10.2.44.80 51
192.168.0.0 255.255.0.0 10.2.44.249 10.2.44.82 6
192.168.0.0 255.255.0.0 10.2.44.249 10.2.44.80 51
224.0.0.0 240.0.0.0 On-link 10.2.44.80 306
224.0.0.0 240.0.0.0 On-link 10.2.44.82 261
224.0.0.0 240.0.0.0 On-link 10.2.2.82 266
224.0.0.0 240.0.0.0 On-link 10.2.111.1 306
255.255.255.255 255.255.255.255 On-link 10.2.44.80 306
255.255.255.255 255.255.255.255 On-link 10.2.44.82 261
255.255.255.255 255.255.255.255 On-link 10.2.2.82 266
255.255.255.255 255.255.255.255 On-link 10.2.111.1 306
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
10.0.0.0 255.0.0.0 10.2.44.249 1
172.16.0.0 255.240.0.0 10.2.44.249 1
192.168.0.0 255.255.0.0 10.2.44.249 1
0.0.0.0 0.0.0.0 10.2.2.249 Default
Any ideas what I can do???
Continue reading...
Our DA/VPN servers have worked well for years (setup before I joined the company) but we recently decided to add two new Server 2012 R2 servers to the cluster. I went through the process to add the servers in Remote Access Management Console and the first server joined without and issue but when users connect their VPN, DNS doesnt work.
So I checked the routing and a strange active route has been added during the server add i.e. 10.2.44.80. This IP doesnt relate to anything on our network.
I tried removing the server from the cluster and sure enough the route was deleted and then added itself when I re-added it.
I can see this IP in the DA sever GPO but I cant see this line when I edit the GPO and as I said I dont know what it is or what the probe address is as this isnt whats set in the console:
Software\Policies\Microsoft\Windows\RemoteAccess\Config\GlobalWebProbeURL directaccess-WebProbeHost.kingspan.net
Software\Policies\Microsoft\Windows\RemoteAccess\Config\InternalVIPs 10.2.44.80/255.255.255.0
Software\Policies\Microsoft\Windows\RemoteAccess\Config\InternetVIPs 10.2.44.80/255.255.255.0
I should point out that the old servers have no mention of 10.2.44.80 in their routing table.
the table:
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.2.2.249 10.2.2.82 266
10.0.0.0 255.0.0.0 10.2.44.249 10.2.44.82 6
10.0.0.0 255.0.0.0 10.2.44.249 10.2.44.80 51
10.2.44.0 255.255.255.0 On-link 10.2.44.82 261
10.2.44.0 255.255.255.0 On-link 10.2.44.80 306
10.2.44.80 255.255.255.255 On-link 10.2.44.80 306
10.2.44.82 255.255.255.255 On-link 10.2.44.82 261
10.2.44.255 255.255.255.255 On-link 10.2.44.82 261
10.2.44.255 255.255.255.255 On-link 10.2.44.80 306
10.2.2.0 255.255.255.0 On-link 10.2.2.82 266
10.2.2.82 255.255.255.255 On-link 10.2.2.82 266
10.2.2.255 255.255.255.255 On-link 10.2.2.82 266
10.2.111.1 255.255.255.255 On-link 10.2.111.1 306
127.0.0.0 255.0.0.0 On-link 10.2.44.80 306
127.0.0.1 255.255.255.255 On-link 10.2.44.80 306
127.255.255.255 255.255.255.255 On-link 10.2.44.80 306
172.16.0.0 255.240.0.0 10.2.44.249 10.2.44.82 6
172.16.0.0 255.240.0.0 10.2.44.249 10.2.44.80 51
192.168.0.0 255.255.0.0 10.2.44.249 10.2.44.82 6
192.168.0.0 255.255.0.0 10.2.44.249 10.2.44.80 51
224.0.0.0 240.0.0.0 On-link 10.2.44.80 306
224.0.0.0 240.0.0.0 On-link 10.2.44.82 261
224.0.0.0 240.0.0.0 On-link 10.2.2.82 266
224.0.0.0 240.0.0.0 On-link 10.2.111.1 306
255.255.255.255 255.255.255.255 On-link 10.2.44.80 306
255.255.255.255 255.255.255.255 On-link 10.2.44.82 261
255.255.255.255 255.255.255.255 On-link 10.2.2.82 266
255.255.255.255 255.255.255.255 On-link 10.2.111.1 306
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
10.0.0.0 255.0.0.0 10.2.44.249 1
172.16.0.0 255.240.0.0 10.2.44.249 1
192.168.0.0 255.255.0.0 10.2.44.249 1
0.0.0.0 0.0.0.0 10.2.2.249 Default
Any ideas what I can do???
Continue reading...