LabMice.net - The Windows 2000\XP\.NET Resource Index

Home | About Us | Search

Last Updated December 16, 2003

Windows 2003
Windows 2000
Windows XP
BackOffice
Book Reviews
Career Tools
Device Drivers
Hardware Guides
MCSE Toolkit
Networking
  Networking Basics
  Networking Books
  Network Mgmt
  Network Monitoring
  Browser Service
  Cabling
  DHCP
  DNS/DDNS
  ICS
  IPSec
  LMHOSTS Files
  NAT
  NetMon
  NLB\WLBS
  OSI Model
  RAS/RRAS
  SNMP
  TCP/IP
  VPN
  WINS
  Wireless
Service Packs
Scripting
Security
Utilities
Cybercheese

_______________

 

 

windows 2000 RAS RRAS icon

Routing and Remote Access Services (RRAS)

Microsoft Remote Access Service isn't too difficult to setup for a small handful of users. But things can get tricky when you implement encryption, dial back security, modem pooling, etc., and really push the service to its design parameters. Here's a few articles and resources to keep you from getting tripped up.
Books on RAS/RRAS

Windows 2000 Routing and Remote Access
By Kackie Charles. Published by New Riders Publishing, May 2000
. Paperback 370 pages. ISBN 0735709513 Written for experienced administrators, this book is divided into 3 sections. The first section covers setup of routing, remote access, and dial up networking. The second section covers advanced Administration tools for RRAS, VPN's, and Internet Authentication Service (IAS). The third section covers security, troubleshooting, and concludes with a glossary. The specific coverage of IP Routing, Routing concepts, and Virtual Private Networking is excellent and invaluable. The chapters are well written for such a painfully dry topic, and the author includes plenty of screen shots and examples. 
FAQ's, Tutorials, and Guides for Beginners
Connecting Remote Users to Your Network
Using the remote access services of Microsoft Windows 2000 Server, you can configure remote access servers that provide connectivity to the corporate network for authorized users. This guide outlines the steps needed to set up remote access with Windows 2000, and discusses deploying remote access clients. Source: Microsoft.com (Feb 2000)

Connecting Remote Sites 
Sample chapter from the Windows 2000 Resource Kit deployment guide that is intended for network engineers and support professionals who are already familiar with wide area network technology, and assumes that you have read "Providing Dial-Up Client Access" and "Expanding and Securing Remote Client Access." Source: Microsoft.com

RAS FAQ 
From Windows2000FAQ.com

Introduction to Windows NT Routing with Routing and Remote Access Service  
From the TechNet CD Online.    

MS TechNet's Networking and RAS Technology Center
An invaluable resource and an ideal starting place. Microsoft TechNet's center for training, tips, information and support for RAS.

Providing Dialup Client Access
Sample chapter from the Windows 2000 Resource Kit deployment guide. It is intended for network engineers and support professionals who are already familiar with TCP/IP, IP routing, Internetwork Packet Exchange (IPX) routing, Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), Windows Internet Name Service (WINS), and wide area network (WAN) technology. It assumes that you have read the section about remote access in Microsoft© Windows© 2000 Server Help. Source: Microsoft.com

Articles related to Dial up, RAS/RRAS and Virtual Private Networking

Avoiding Remote Access Servers Overload: Monitoring RAS Performance
Security isn©t the only issue for remote access servers in your Windows 2000 network: Performance bears watching, too. Source: EarthWeb (Oct 31, 2000)

Change in Remote Access Route Behavior with Windows 2000
Microsoft Knowledge Base Article: 254231 -  The default behavior of the remote access client in Windows 2000 is different from earlier versions of Windows. Earlier versions of Windows add a default subnet route to the remote access client when they connect to a remote access server. 

Create a Remote Access Server for a Windows 2000-Based Server in a Workgroup
Microsoft Knowledge Base Article: 254316 This article explains how to create a simple remote access server for a Windows 2000 Server-based computer that belongs to a workgroup and not a domain. 

Description of the Functions of Remote Access Auto Connection Manager Service and Autodial Microsoft Knowledge Base Article: 254181 - This article describes the functions of the Remote Access Auto Connection Manager service and autodial. 

Dial-Up Changes
Remote-access improvements in Win2K Pro make life easier for offsite users. Source: Windows & .NET Magazine (May 2000)

Enable Windows NT 4.0-Based RAS Servers in a Windows 2000-Based Domain
Microsoft Knowledge Base Article: 254311 - This article explains how to enable Microsoft Windows NT Server 4.0-based Remote Access Service (RAS) servers in a Microsoft Windows 2000-based domain by making certain adjustments to Active Directory. 

Expanding and Securing Remote Client Access 
Sample Chapter from the Windows 2000 Resource Kit intended for network engineers and support professionals who are already familiar with TCP/IP, IP routing, Internetwork Packet Exchange (IPX) routing, Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), Windows Internet Name System (WINS), and wide area network (WAN) technology, and assumes that you have read "Providing Dial-Up Client Access," as well as the virtual private networking information in Windows 2000 Server Help.

How to Configure the Dynamic RAS Connector over TCP/IP
From Microsoft TechNet Online.

HOW TO: Configure IP Reservations for RRAS Clients in Windows 2000 
Microsoft Knowledge Base Article: 303684 - This article describes how to configure IP address reservations for Routing and Remote Access Service (RRAS) clients.  

HOW TO: Configure Routing and Remote Access Tracing in Windows 2000 
Microsoft Knowledge Base Article: 313564 - This step-by-step article describes how to make Routing and Remote Access tracing available in Windows 2000. 

How to Determine Whether a Client Is Connected by RAS or LAN
Microsoft Knowledge Base Article: 173530 - You may want to know whether a user is connected by Remote Access Service (RAS) or to the local area network (LAN) if you use logon scripts to map drives or to set environment variables when a user logs on to a domain. (updated 1/25/00)

How to Enable Automatic Logon to a RAS Server
Microsoft Knowledge Base Article: 244734 - Remote Access Services (RAS) features a Phone Book program for entering and maintaining the names and telephone numbers of remote networks. Clients can connect to and disconnect from these networks by using Phone Book manually. 

How To Enable Ghosted Connections in Windows NT/2000 
Microsoft Knowledge Base Article: 127018 - When you use Remote Access Services (RAS) you have the option to disable automatic restoration of network connections at logon (known as ghosted connections.) If you do not install RAS, you can enable ghosted connections.

How to Implement RIP Over RRAS in Windows 2000
Microsoft Knowledge Base Article: 241545 - This article discusses how to implement NetWare Router Information Protocol (RIP) over Microsoft Routing and Remote Access Service (RRAS) Dial-on-Demand (DOD) connections in Windows 2000. 

How to Implement Routing for Windows 2000
Microsoft Knowledge Base Article: 274141 - Windows 2000 supports routing on both single- and multi-homed computers with or without the Routing and Remote Access Service(RRAS). RRAS includes the Routing Information Protocol (RIP) and the Open Shortest Path First (OSPF) routing protocol. 

How to Improve Data Transfers over RAS, RRAS, or Slow Links
Microsoft Knowledge Base Article: 151996 - In most instances, data transfer over a Remote Access Service (RAS) connection, or other forms of slow network links, is performed by the Windows NT redirector using core mode, because one of the redirector requirements for raw mode (that the I/O is to take no longer than 5 seconds to complete) is not satisfied. You can change this time limit requirement so that when all other requirements for raw mode are satisfied, data transfer over RAS or other slow links can be performed using raw mode. 

How to Install and Configure Telephony Server for Client Access
Microsoft Knowledge Base Article: 259375 -:Windows 2000 Server and Windows 2000 Advanced Server include a telephony server for distributed access to shared telephony devices. For example, a LAN-based server may have multiple connections to a local telephone switch or PBX. 

How to Keep RAS Connections Active After Logging Off
Microsoft Knowledge Base Article: 158909 - When you log off of a Windows NT version 4.0 or Windows 2000 Remote Access Service (RAS) client, any RAS connections will be disconnected automatically. To remain connected after logging off, you may enable the KeepRasConnections key in the registry.

How to Prevent Windows 2000 from Assigning WINS and DNS Addresses to RAS Clients
Microsoft Knowledge Base Article: 232651 - In Windows 2000, the Remote Access Service assigns Windows Internet Naming Service (WINS) and Domain Name System (DNS) addresses to clients when they dial in. Clients register their IP addresses with these servers. (updated 232000)

How to Set the Number of Rings for RAS Auto-Answer in Windows NT 4.0/Windows 2000
Microsoft Knowledge Base Article: 145879 - By default, the Remote Access Service (RAS) from Windows NT, answers incoming calls after the first ring. The documentation in the Remote Access Administrators Help file describes how you can modify the RAS Modem.inf file to change this behavior (updated 1/20/2000)

How to Use DHCP to Provide RAS Clients with DHCP Options
Microsoft Knowledge Base Article: 232703 - You can now use the DHCP Relay agent with RAS to provide DHCP scope options to RAS clients. The RAS client continues to receive an IP address from the RAS server, but may use DHCPInform packets to obtain WINS addresses, DNS addresses, domain

How to Use NAT for Incoming RAS Connections on the Same RRAS Server 
Microsoft Knowledge Base Article: 310888 - This article describes how to enable Internet connectivity for incoming Remote Access Service (RAS - clients that are using Network Address Translation (NAT - on the same server. 

How to Use Static Routes with Routing and Remote Access Service
Microsoft Knowledge Base Article: 178993 - The information in this article explains how to add static routes to a computer running Windows NT Server and the Routing and Remote Access Service (RRAS) Update or Windows 2000, so that it can route packets to a remote network. 

Information on Static Routes in Routing and Remote Access
Microsoft Knowledge Base Article: 169203 - Static routes that are defined through the Routing and Remote Access Service (RRAS) Administrator program are not active unless the RRAS Server has started. 

Integrating Windows 2000 and Windows NT 4.0 RAS
Learn how to incorporate NT 4.0 RAS servers into your Win2K environment. Source: Windows & .NET Magazine (May 2000)

Internet Authentication Service for Windows 2000
This paper describes the Internet Authentication Service (IAS) in Microsoft Windows 2000, the Microsoft implementation of a RADIUS server. IAS can be used as a RADIUS server to any device that supports RADIUS, including the Windows 2000 Routing and Remote Access service. IAS can be used in a variety of scenarios, including centralized authentication and accounting for an organization's remote access infrastructure, outsourced corporate access using third-party dial-up service providers, and centralized authentication and accounting for an Internet service provider (ISP). This paper is written for network architects and system administrators using or considering the use of RADIUS and IAS in their network infrastructure. Source : Microsoft.com (Updated June 1, 2000)

Leveraging Components
Discusses how to use NTAccess.RAS, a commercial third-party COM component, to configure NT RAS settings and permissions. Source: Windows & .NET Magazine.

Managing Remote Access on a Per-group Basis Using Windows 2000 Remote Access Policies
This article shows you how to allow and deny remote access on a per-group basis for the three remote-access administrative models. Source: Microsoft.com (March 26, 2000)

MS Fax and Modem Services: Usage and Troubleshooting Guide
Microsoft Product Support Services Whitepaper by Andy Boyd and Greg Winn. May 1999

PPP Dial-Up Sequence
Microsoft Knowledge Base Article: 124036 - This article defines Point-to-Point Protocol (PPP) and discusses its Dial Up sequence implemented with Remote Access Service (RAS). 

Pushing the DNS Domain Name to Remote Access and Demand-Dial Clients
Microsoft Knowledge Base Article: 254183 - This article explains how remote access and demand-dial clients can obtain the domain name system (DNS) domain name from the remote server. 

RASPHONE and RASDIAL: Tips and Differences
Microsoft Knowledge Base Article: 125393 - This article covers many of the undocumented Remote Access Phonebook (RASPHONE) command line options and the differences between RASDIAL and RASPHONE.

Remote Access Connectivity Strategy at Microsoft  
Online Seminar from Microsoft on deploying the next generation of RAS.

Remote Access Server  
A Microsoft paper on RAS designed for Admins who are already familiar with TCP/IP, IP Routing, IPX Routing and Wide Area Networking.

Routing and Remote Access Limitations in Windows 2000
Microsoft Knowledge Base Article: 254239 This article describes the Routing and Remote Access limitations in Windows 2000.

Scheduling a RAS Connection Using the AT Command
Microsoft Knowledge Base Article: 174769 - This article discusses a method for automatically dialing a Remote Access Service (RAS) phonebook entry at a scheduled time. 

The Truth About 56Kbps Connections
Discover important facts and common misconceptions about 56Kbps modem connections. Source: Windows & .NET Magazine (May 2000)

Tried and True Remote Access Solutions
Remotely access your network over a dial-up, VPN, or Internet connection. Source: Windows & .NET Magazine (May 2000)

Understanding Point-to-Point Tunneling Protocol  
A downloadable White Paper about PPTP from Microsoft. A downloadable White Paper about PPTP from Microsoft.

Understanding DHCP IP Address Assignment for RAS Clients 
Microsoft Knowledge Base Article: 160699 - When Remote Access Service (RAS) uses Dynamic Host Configuration Protocol (DHCP) to obtain IP addresses for dial-in clients, only the IP address from the DHCP lease is passed to the RAS client. Other options in the DHCP scope are not. 

Using an Unsupported Modem with Windows NT RAS
Microsoft Knowledge Base Article: 150424 - Some modems that are not listed on the Windows NT Hardware Compatibility List (HCL) can still be used successfully with Windows NT Remote Access Service (RAS). 

Using the Command NetSh to Locally Configure Windows 2000-Based Remote Access Servers or Routers 
Microsoft Knowledge Base Article: 254184 - This article describes how to locally configure Microsoft Windows 2000-based remote access servers or routers from the command prompt.

Using Windows 2000 IAS for Remote Access Solutions
Explore how to use Win2K's IAS on your corporate network as a central configuration point for multiple Win2K RAS servers, as part of a system in which NT 4.0 RAS servers use Win2K remote access policies, and as part of your outsourcing solution. Source: Windows & .NET Magazine (August 2002)

Using Windows NT 4.0 RAS Servers in a Windows 2000 Domain
Microsoft Knowledge Base Article: 240855 - When you connect a remote Windows-based client to a Windows NT 4.0 Remote Access Services (RAS) or Routing and Remote Access Services (RRAS) server that is a member of a Windows 2000 domain, authentication may not succeed if you log on with with a Windows 2000 domain account. Additionally, authentication may not succeed when you connect to a RAS server running Windows 2000 that is a member of a Windows NT 4.0 domain that is accessing user account properties for a user account in a trusted Windows 2000 domain. If you log on with a local account to Windows NT 4.0 RAS or RRAS servers, or Windows 2000, the connection may succeed.

Using PPTP on NT
Microsoft's Point-to-Point Tunneling Protocol (PPTP) provides the potential for network administrators to turn the Internet into part of their WAN infrastructure. Unfortunately, many organizations have not implemented PPTP because it was not available on Windows 95. But, with the recent release of PPTP for Windows 95, greater acceptance of PPTP is likely. Source: Windows NT Systems, (Nov 1997)

Troubleshooting RAS/RRAS

Remote Access Service (RAS) Error Code List
Microsoft Knowledge Base Article: 163111 - This article lists the error codes that Remote Access Service (RAS) reports in Windows NT 4.0 and Windows 95/98.

An Event ID 30020 Is Logged Every Thirty Seconds
Microsoft Knowledge Base Article: 291395 - If Windows 2000 Server is running the Routing and Remote Access service and the server is configured for Routing Information Protocol (RIP), you may receive the following error message in the System event log: 

Cannot Change Domain Password By Using RAS in Windows 2000 
Microsoft Knowledge Base Article: 283258 - When you dial into a Windows 2000 RAS server and your domain password has expired, the change password process that is used by RAS may not work, and your client computer may not be able to connect. The problem occurs when the RAS server is a member of a Microsoft Windows NT 4.0 domain or mixed-mode domain

Cannot Connect to RAS Server at 56 Kbps
Microsoft Knowledge Base Article: 244390 - A Remote Access Services (RAS) server may not answer at 56 Kbps. You may get a connection at 28.8 or 33.6 Kbps. This behavior can occur because standard analog phone lines are not capable of supporting the 56 Kbps standards. A digital line and special hardware is required to achieve a 56 Kbps connection. 

Cannot Disconnect Active RAS Connection with Terminal Services Enabled
Microsoft Knowledge Base Article: 237288 - RAS connections are shared by all Terminal Services users who are connected to a Windows 2000 server with Terminal Services enabled. When a user attempts to disconnect a RAS connection that was created in another session, the following error: It is not possible to disconnect at this time. Most likely, this connection is using one or more protocols that do not support Plug-and-Play.  

Configuring More Than 35 Routing and Remote Access Filters Causes Filters Not to Work 
Microsoft Knowledge Base Article: 300962 - A Windows 2000-based Routing and Remote Access server does not process more than 35 packet filters that are located in either the Input Filters or Output Filters section in the Routing and Remote Access snap-in. The first 35 filters that you configure are processed and work, but additional filters are ignored. This is true for both filters that allow packets and filters that drop packets

Dial-Up Connection Is Dropped When You Stop RRAS
Microsoft Knowledge Base Article: 259580 - If you stop Routing and Remote Access Service (RRAS) on your Windows 2000-based computer while a dial-up connection is active, the dial-up connection is dropped and your modem may stop responding (hang). If you try to reestablish the dial-up connection 

Dial on Demand Routers Connect Intermittently When You Use Auto Configuration Addresses
Microsoft Knowledge Base Article: 260888 - After you install a dial-on-demand (DOD) interface for Routing and Remote Access Service (RRAS) in Windows 2000 and allow the interface to receive an autonet Automatic Private IP Addressing (APIPA) address (169.254.x.x), NetBT broadcasts 

Enabling VPN in RRAS Causes Connection Issues to Remote Networks
Microsoft Knowledge Base Article: 243374 - RRAS does not forward packets after you enable Virtual Private Network (VPN). (updated 612000)

Err Msg: Error Starting Remote Access Service on <Server_Name>
Microsoft Knowledge Base Article: 106204 - On your Microsoft Windows NT computer that is running Remote Access Service (RAS) Administrator you may receive the following error message: Error starting Remote Access Service on <Server_Name>. Check the Event log on <Server_Name> for details. Error 1066: The service has returned a service-specific error code. 

Error Message: "Error 623 The System Could Not Find the Phone Book Entry for this Connection" When Making a VPN Connection
Microsoft Knowledge Base Article: 227391 - When you try to connect to a Virtual Private Connection in Network and Dial-up Connections, the following error message is displayed: Error 623 The system could not find the phone book entry for this connection. 

Err Msg: Error 692: Hardware Failure in Port or Attached Device
Microsoft Knowledge Base Article: 122839 - When you dial a Remote Access Services (RAS) server in Windows NT, you may receive the following error message as the modem starts to initialize: Error 692: Hardware failure in port or attached device. (updated 8/14/2000)

Err Msg: Error 720: No PPP Control Protocols Configured
Microsoft Knowledge Base Article: 122748 - When you attempt to connect to a Remote Access Service (RAS) Server using the TCP/IP protocol, you may receive the following error message: 

LMHOSTS IP Address Should Refer to Network Interface Card
Microsoft Knowledge Base Article: 162071 - If you attempt to connect to a RAS server across a RAS connection using the TCP/IP protocol and you are using an LMHOSTS file for name resolution, you may receive an error message. 

Logging on to a Domain Does Not Work From a Windows 2000-Based RAS Client
Microsoft Knowledge Base Article: 269119 - When you try to log on to a domain from a Windows 2000-based Remote Access Services (RAS) client by using Dial-Up Networking, you are logged on with cached credentials. This problem may result in logon scripts that do not run, and also may may prevent access to group policies, roaming profiles, and home folders.

Modems Do Not Answer as RAS Server
Microsoft Knowledge Base Article: 157827 - The Remote Access Service (RAS) server starts and a client rings, but the modem attached to the server does not pick up.  

Only the Offline Files Are Displayed When You Use a Remote Access or Virtual Private Network Connection
Microsoft Knowledge Base Article: 290523 - When you connect to a network by using either a remote access or virtual private network (VPN) connection, you can browse the network as well as ping servers and receive a reply, but if you attempt to view the shared resources on a server, you can observe only the files that have been made available offline. 

RasDisable and RasForce WinLogon Policies Can Be Bypassed
Microsoft Knowledge Base Article: 263743 - When you set the RasDisable or RasForce WinLogon policies, they appear at first to work. For example, when you press CTRL+ALT+DELETE, the Log on using dial-up connection check box is disabled. However, if you click the Options button twice to condense and then expand the Log On to Windows dialog box, the Log on using dial-up connection check box is enabled. 

RAS Clients Cannot Connect to Windows 2000 Demand-Dial Router
Microsoft Knowledge Base Article: 262357 - When Windows 2000 clients connect to a Windows 2000-based server using Remote Access Service (RAS) connections, they may receive the following error message:

RAS Clients Cannot Gain Access to the Internet Using Network Address Translation
Microsoft Knowledge Base Article: 253145 - You can configure the Network Address Translation (NAT) protocol on a server running Routing and Remote Access Service (RRAS) to allow network clients with private addresses to gain access to the Internet. NAT allows the RRAS server to use its public address(es) on behalf of network clients, including Remote Access Service (RAS) clients. When you use a single server to provide both RAS and NAT services, RAS clients are unable to gain access to the Internet. 

RAS Clients Receive 127.0.0.1 for DNS Server Address
Microsoft Knowledge Base Article: 254715 - Client computers that use Remote Access Services (RAS) or a Virtual Private Network (VPN) to log on to a Windows 2000 domain controller may receive a DNS server address of 127.0.0.1. The clients may be unable to resolve host names to TCP/IP 

RasDisable and RasForce WinLogon Policies Can Be Bypassed
Microsoft Knowledge Base Article: 263743 - When you set the RasDisable or RasForce WinLogon policies, they appear at first to work. For example, when you press CTRL+ALT+DELETE, the Log on using dial-up connection check box is disabled. However, if you click the Options button twice to condense and then expand the Log On to Windows dialog box, the Log on using dial-up connection check box is enabled. 

RAS Server Behavior When Configured to Use DHCP to Assign IP Addresses
Microsoft Knowledge Base Article: 216805 - A Windows 2000 RAS server behaves differently than a Microsoft Windows NT 4.0 server when it is configured to use Dynamic Host Configuration Protocol (DHCP) to assign remote IP addresses. 

RAS Server Silently Enables IP Forwarding on All Interfaces
Microsoft Knowledge Base Article: 262083 - When you enable Routing and Remote Access Service (RRAS) on a Windows 2000-based server, IP Forwarding is silently enabled on all interfaces.

RAS Servers Using TCP/IP and Dynamic Addresses Need WINS
Microsoft Knowledge Base Article: 161427 - When two RAS servers dial each other with TCP/IP as the protocol, and use dynamic IP addressing, WINS must be used for them to resolve each other's NetBIOS names. LMHOSTS or HOSTS file entries will not be sufficient, because of the dynamic 

Remote Access Clients May Not Receive Domain-Based Policy in Windows 2000
Microsoft Knowledge Base Article: 227619 - When a properly configured member of a domain logs on to a domain in which a Group Policy Object (GPO) is present, the user receives the policy. The policy can include such items as shell settings, environment settings, scripts, and so on. 

Routing and Remote Access Event ID 20100
Microsoft Knowledge Base Article: 172512 - After you install the Routing and Remote Access (RRAS) Update for Windows NT 4.0 on your Windows NT 4.0 RAS server, Dial-Up Networking (DUN) clients may not be able to connect to your RAS server when using third party security authentication; one such one such product is SecurID from Security Dynamics. 

Routing and Remote Access IP Addresses Register in DNS
Microsoft Knowledge Base Article: 289735 - When DNS queries for the domain name or the domain controller's fully qualified domain name (FQDN) are sent to a Windows 2000 domain controller that is running Routing and Remote Access, the domain name or FQDN for the domain controller is resolved to an Internet protocol (IP) address that is used by Routing and Remote Access. 

Routing and Remote Access Server Stops Authenticating Dial-Up Networking Clients 
Microsoft Knowledge Base Article: 227747 - When a Routing and Remote Access Services (RRAS) server joins a Windows 2000-based domain, client authentication appears not to work. The RRAS server still authenticates client accounts that are local to the RRAS server, but it does not authenticate domain accounts. You may receive one of the following error messages on the Dial-Up Networking (DUN) client 

The Routing and Remote Access Service Incorrectly Logs Client Termination As an Admin Reset
Microsoft Knowledge Base Article: 265248 - When a client computer tries to terminate a connection to the server, the Routing and Remote Access service may log the event as an "Admin Reset" rather than a "User Request." 

RRAS VPN Dial-On-Demand Failover Mechanism
Microsoft Knowledge Base Article: 262990 - This article describes the failover mechanism of dial-on-demand (DOD) Virtual Private Network (VPN) interfaces in Routing and Remote Access Service (RRAS) in Windows 2000. 

Some LAN Switches with IGMP Snooping Enabled Stop Forwarding Multicast Packets on RRAS Startup
Microsoft Knowledge Base Article: 223136 - Routers connected to LAN switches configured with IGMP snooping may have problems when a Windows 2000 RRAS-capable server comes online or when OSPF or RIP version 2 is enabled. 

Some Registry Entries Missing When Enabling Logging Features in RRAS
Microsoft Knowledge Base Article: 234025 - You may need to enable logs to monitor the activities of certain features in Routing and Remote Access (RRAS) and standard Dial-Up Networking (DUN).

"Stop 0x0000000A" Error Message and Computer Stops Responding When You Use Dial-up RAS Connection 
Microsoft Knowledge Base Article: 321420 - When you use a dial-up remote access service (RAS) connection to browse the Internet or to connect to a corporate network, your computer may stop responding (hang) and return a Stop error (an error on a blue screen) similar to the following 

Troubleshoot and Log RRAS Connections
Enable Poiny-to-Point Protocol logging and NT 4.0 device command logging to troubleshoot PPP-based RAS and RRAS connections. Source: Windows & .NET Magazine (March 2000)

Unable to Configure "Allow Calling Computer to Specify its own IP Address" in Windows 2000
Microsoft Knowledge Base Article: 250881 - When you configure a Windows 2000-based computer that is a member of a domain, there is no option in the Routing and Remote Access (RRAS) snapin to configure "Allow calling computer to specify its own IP address." 

VPN That Uses MS-CHAP Authentication Does Not Connect to RRAS Server
Microsoft Knowledge Base Article: 289732 - When you create a virtual private network (VPN) connectoid to the IP address of an RRAS server that has Microsoft Challenge-Handshake Authentication Protocol (MS-CHAP) authentication enabled, the VPN may not work. 

Windows 2000-Based Remote Access Server in a Windows NT 4.0-Based Domain Cannot Authenticate Users from Trusted Windows 2000-Based Domain Q254155 - 
Microsoft Knowledge Base Article When you set up a Microsoft Windows 2000-based computer to be a remote access server in a Microsoft Windows NT 4.0-based domain, the Windows 2000-based remote access server cannot authenticate users who are members of another Windows 2000-based domain, even when a trust relationship has been established between the Windows NT 4.0-based domain and the Windows 2000-based domain

Windows NT 4.0 IP Routing Information Protocol Service Does Not Upgrade to Windows 2000 Routing and Remote Access
Microsoft Knowledge Base Article: 254269 -  When you upgrade a computer running Microsoft Windows NT Server 4.0 with IP Routing Information Protocol (RIP) service, to Microsoft Windows 2000 Server, the IP RIP service does not automatically upgrade to Routing and Remote Access service. 

Windows NT 4.0 Unable to Negotiate 40-bit Encryption When Connecting to a Windows 2000-Based Computer
Microsoft Knowledge Base Article: 246347 - When you try to use a Dial-Up Networking connection from a Windows NT 4.0-based client computer to a Windows 2000-based computer that requires encryption, it may not work, and you may receive the following error message: 

With Encryption Required You Can Still Select PAP, SPAP, or CHAP
Microsoft Knowledge Base Article: 227815 - When you configure a Dial-Up Networking connection to require data encryption, you may be able to select Password Authentication Protocol (PAP), Shiva Password Authentication Protocol (SPAP), or Challenge Handshake Authentication Protocol (CHAP), even though these protocols do not support data encryption.


PowerConnect 468x60

Entire contents
© 1999-2003 LabMice.net and TechTarget
All rights reserved

This page and its contents are Copyright 1999-2003 by LabMice.net. Microsoft, NT, BackOffice, MCSE, and Windows are registered trademarks of Microsoft Corporation. Microsoft Corporation in no way endorses or is affiliated with LabMice.net. The products referenced in this site are provided by parties other than LabMice.net. LabMice.net makes no representations regarding either the products or any information about the products. Any questions, complaints, or claims regarding the products must be directed to the appropriate manufacturer or vendor.