Article ID: 292822 - View products that this article applies to.
This article was previously published under Q292822
A computer that is running Microsoft Windows 2000 Server or Microsoft Windows Server 2003 may exhibit connectivity issues if the server is configured in the following manner:
When a remote computer connects to the Routing and Remote Access server by using a dial-up or a VPN connection, the server creates a Point-to-Point Protocol (PPP) adapter to communicate with the remote computer. The server may then register the IP address of this PPP adapter in the DNS or the WINS database.
When the Routing and Remote Access server registers the IP address of its PPP adapter in DNS or WINS, you may receive errors on the local computers when you try to connect to the server. You receive these errors because the DNS or WINS servers may return the IP address of the PPP adapter to computers that query DNS or WINS for the server's IP address. The computers then try to connect to the IP address of the PPP adapter. Because the local computers cannot reach the PPP adapter, the connections fail.
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/322756/ )How to back up and restore the registry in Windows
To resolve this issue, configure the Routing and Remote Access server to prevent it from registering the IP address of its PPP adapter in the DNS or the WINS database. To do this, follow these steps:
Configure the Routing and Remote Access server to publish only the IP address of the local network adapter in DNSComplete the steps in this section only if the Routing and Remote Access server is running the DNS service. If the server is not running the DNS service, go to the "Configure the Routing and Remote Access server to register only the IP address of the local network adapter in WINS" section.
Add the PublishAddresses and RegisterDnsARecords registry values for the DNS and Netlogon services
(http://support.microsoft.com/kb/289735/ )Routing and Remote Access IP addresses register in DNS
Add the A Records in DNSComplete these steps only if the Routing and Remote Access server is a domain controller.
Configure the Routing and Remote Access Server to register only the IP address of the local network adapter in WINSComplete the steps in this section only if the Routing and Remote Access server is running the WINS service. Additionally, if the server is running Small Business Server 2000 SP1, Small Business Server 2000 SP1a, or Windows Small Business Server 2003, you do not have to complete the steps in this section. By default, these versions of the Windows server are configured to prevent the server from registering the PPP adapter's IP address in the WINS database.
Add the DisableNetbiosOverTcpip registry value for the Routing and Remote Access serviceThe DisableNetbiosOverTcpip registry value disables the NetBIOS over TCP/IP (NetBT) protocol for remote access connections. Therefore, the server will not register the PPP adaptor in the WINS database. Know that by adding this value, you will prevent remote access clients from browsing the local network through My Network Places or Network Neighborhood. Sometimes, it may also cause remote access connections to be unsuccessful on computers that are running older versions of Windows. For example, remote access connections may be unsuccessful on Microsoft Windows 98 computers and on Microsoft Windows NT 4.0 Workstation computers. For an alternative to using the DisableNetbiosOverTcpip registry, see the "Workaround" section.
Important If the server is running Windows 2000 Server SP2 or an earlier version, you must update the server with SP3 or SP4 for the DisableNetbiosOverTcpip registry value to work. If you do not update the server, the Routing and Remote Access service will not use this registry value, and the issue will not be resolved.
For additional information about how to obtain the latest service pack for Windows 2000 Server, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/260910/ )How to obtain the latest Windows 2000 service pack
Clear the WINS database
As a workaround for this issue, you can configure the remote access connections to use a static pool of IP addresses that is on a different IP subnet than the local computers. In this case, local computers will not try to connect to the PPP adapter if it registers in DNS or WINS because the PPP adapter is on a different IP subnet.
To specify a static address pool in the Routing and Remote Access console, right-click ServerName, click Properties, click the IP tab, click Static address pool, and then click Add. Add a range that does not use the same IP subnet as the local computers. For example, if the local computers are using the 10.0.0.0 subnet, add a static pool that uses the 184.108.40.206 subnet. If the Routing and Remote Access server is running ISA Server 2000, you must add this subnet to the Local Address Table. This scenario is most common on Small Business Server 2000.
For additional information about how to configure VPN access on a Small Business Server 2000 computer, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/320697/ )How to turn on and configure inbound VPN access in Small Business Server 2000
Article ID: 292822 - Last Review: December 3, 2007 - Revision: 4.8