Microsoft KB Archive/896072

= Windows XP SP2-based VPN or dial-up client cannot access remote resources =

Article ID: 896072

Article Last Modified on 4/5/2005

-

APPLIES TO


 * Microsoft Windows XP Service Pack 2

-





SYMPTOMS
You connect a Microsoft Windows XP Service Pack 2 (SP2)-based computer to a remote access server by using a virtual private network (VPN) or a dial-up connection. Then you cannot access any remote resources.



CAUSE
This behavior may occur if the following conditions are true:
 * A third-party Dynamic Host Configuration Protocol (DHCP) server is in the network, and the remote access server has the DHCP Relay Agent enabled.
 * The Use default gateway on remote network check box is selected in the client’s connectoid that is used to connect to the remote access server.

DHCP clients send DHCPInform packets to the DHCP server. All Windows-based DHCP servers respond by sending the DHCP subnet mask in the additional configuration parameters that the DHCP servers provide to the DHCP clients.

Windows XP SP2-based DHCP clients delete all old routes and add new routes based on the subnet mask that is included in the DHCP server response packet.

Third-party DHCP servers can be configured not to provide the DHCP subnet mask when a DHCP client sends a DHCPInform packet. This leaves the DHCP clients without a subnet mask. In this scenario, Windows XP SP2-based DHCP clients delete all old remote access subnet routes and are left without a remote access route. Then you experience the symptoms that are described in the &quot;Symptoms&quot; section.



WORKAROUND
To work around this behavior, configure the third-party DHCP server to include the subnet mask information in response to a client DHCPInform packet.



STATUS
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.

