Microsoft KB Archive/161380

= Only One Default Gateway Allowed on Proxy Server =

Article ID: 161380

Article Last Modified on 2/19/2002

-

APPLIES TO


 * Microsoft Proxy Server 1.0 Standard Edition
 * Microsoft Proxy Server 2.0 Standard Edition

-



This article was previously published under Q161380



SYMPTOMS
When you use a Winsock proxy or web proxy client, and if the Proxy Server is configured with more than one default gateway, you may get the following error message or related error messages:

Connection timed out



CAUSE
The Proxy Server documentation states the following:   A Microsoft Proxy Server computer should have only one IP default gateway. The IP address of the default gateway should be configured on  the external network adapter card only.

This requirement is a result of the basic architecture of TCP/IP. Only one default gateway must be defined on a host that resides on 2 or more non-connected networks. If the Proxy server is configured with more than one network interface, it  is connected to two networks that are by design non-connected.

A default gateway is a router that is supposed to be used for all traffic that has no specific route. If you have two default-gateways, the proxy server TCP/IP stack will assume that they lead to the same set of networks. This will cause the proxy server to send Internet traffic to the internal network, or internal traffic to the Internet.



WORKAROUND
Remove the default gateway from the advanced TCP/IP settings of the internal network interface on the Proxy Server and define static routes to the internal network segments.

Because no default gateway will be defined for the internal network, you must add static routes using the Route Add command. These routes can be made persistent by using the -p command switch.

For additional information on adding static routes to the routing table, see the following:  Type route /? for additional command switches.

-or- See the following Microsoft Knowledge Base article:

140859 TCP/IP Routing Basics for Windows NT





MORE INFORMATION
This is not specific to Proxy Server. When the Microsoft Exchange Dynamic RAS connector contacts an ISP, you can get the above error message; however, the workaround is the same.

Additional query words: proxy internet server timeout connect fail faq frequently asked questions winsock

Keywords: kbinterop kbfaq kbusage KB161380

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.