Routing problems with PPTP and XP SP2



In the past 6 weeks this has really become a problem. Here is the situation:

I have many remote users connecting to me with PPTP tunnels from locations
around the country. Recently I have been receiving complaints that these
users cannot reach hosts that are not on the same subnet as the VPN (RRAS)

I have examined the connection properties and the RRAS server and have
concluded that the problem lies on the workstation.

With a client connected and having the problem I placed a laptop on the same
subnet and "remote assisted" the user. He is using a new IBM R51 with XP Pro
SP2 512 RAM and a Centrino Processor. I checked his connection settings and
all was well. Then I looked at his routing table. Using netstat -rn I saw
the local default gateway with a metric of one. This is what I expected and
is normal. Here was the problem route:

Destination Netmask Gateway Interface
Metric 50

My entire network is on the This route should have sent all
the traffic for that network to me. Instead traffic to my network was being
routed out the local gateway to oblivion. Why is the metric so high for this
route? Even more puzzling...why is the traffic being sent out the default
route when there is a better match in the routing table?

Part of the answer may lie in the fact that Richard was using a wireless
access point for his connection to the internet. Richard is by no means the
only user having this problem. There are at least 10 more. I believe that
all 10 are utilizing wireless access points, but again...why is the metric so
high? And how can I fix it?

I have tried changeing the metric manually, but as these users do not have
admin privs it doesn't work. Please shed some light on the situation. This
is wasting a lot of my and my IT departments time. Thank you,


OK still no answer from an MVP or anyone on this. I have looked into it
further. I initially thought it had something to do with wireless access
points until I was able to duplicate the problem with my non-wireless laptop.
I connected to the VPN server and saw the route in the routing
table within seconds of the connection's authorization. Then tried some
pings. Got no replies. Looked again at the routing table and that route had
dissappeared. Where did the route go?

This is happening on freshly built Windows XP SP2 machines with all of the
current patches. I suspect a recent patch (sometime in February) is to
blame, but have not narrowed it down. Help please.

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question