Nice to hear that Im not the only one that finds this weird
The only things installed on this box *should be* W2K and ISA...
The server is equipped with two network-cards. And Im currently looking into how this affects the routing table. Im going to stop the server this evening, and disable the card in BIOS, and take it from there.
But you mention RRAS... Would you mind terribly filling me in on what that is?
I have now disabled on of the NIC's in the server, but the 32 bit routes keeps on coming in the w2k routing table...
I have tried restarting the server, with the webproxy service Disabled. I ran the server for about an hour, and saw no routes being added. After I started the webproxy service, the routes started appearing straight away.
I've compared the route print in w2k, with the Sessions in ISA, and find that the hosts with sessions all appear with routes in the w2k table.
My problem on this server is that at regular intervals, it stops working for "some" hosts/networks. This happened again just a few minutes ago, i.e. some hosts could not browse the internet. I checked the sessions and the routing table on the W2k server and could not find the affected hosts. I then added a route manually in w2k to one of the affected hosts, and that made it connect successfully...
I also tried adding a larger network manually, which covers all our networks, but that did not help.
We host a lot of services for our branches here in my office, all running on Windows servers... MS SQL, File/Print, DC's etc, but none of these add routes to each host connecting...
Any input or comments are appreciated... both by me and my very patient users... //A
From: Sydney, Australia
I just did the same on one of my ISA's. In the active route's there were a number of similar entries. something like: route print | find "255.255.255.255"
will show them all. Obviously, anything with a local address in the network location or a .255 address means its a local card or uses the local card to broadcast.
I observed that any of these "temporary" active routes had a metric of 2, so other routes would take precedence if need be so that shouldn't interface with other traffic, specifically also becasue of the 32 bit mask for the network location.
My suspicion is that the Routing & Remote Access (RRAS) service used for VPN's may be creating these route entries in my instance. Of interest, do you have the RRAS service running?
On monday this week an expert (MS Gold Partner) visited for a "healthy" fee, to do an analysis on my problem. Fortunately, my elusive problem hit the server practically when he walked in the door. The ISA refused any more sessions, but we could ping the server on both IP and hostname, map shares, the works...
We rebooted the server and the service was backup up. He checked the logs, event and ISA, looked at the config, but came up with nothing.
In the afternoon, after a lot of head-scratching and so, we installed ISA 2004. The differences between 2000 and 2004 are many, but one of them is the way it handles sessions. In ISA 2000 the routing is done in large part by the OS, while in ISA 2004 its the other way around.
Long story short, installing ISA 2004 solved my problem! And it gave me a lot more options in logging and monitoring. Performance-wise it is far superior as well.