Microsoft KB Archive/262083

= RAS Server Silently Enables IP Forwarding on All Interfaces =

Article ID: 262083

Article Last Modified on 3/1/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server

-



This article was previously published under Q262083



SYMPTOMS
When you enable Routing and Remote Access Service (RRAS) on a Windows 2000-based server, IP Forwarding is silently enabled on all interfaces.



CAUSE
This behavior occurs because IP Forwarding is necessary for the Remote Access Service (RAS) server to forward traffic to clients on the local area network (LAN). However, you may not want this configuration for security reasons.



RESOLUTION
To resolve this issue, use the following steps:
 * 1) Start Routing and Remote Access in Administrative Tools.
 * 2) Right-click the server name, and then click Properties.
 * 3) On the IP tab, click to clear the Enable IP Routing check box.



STATUS
Microsoft has confirmed this to be a problem in Microsoft Windows 2000.



MORE INFORMATION
IP Forwarding in Windows 2000 is the equivalent of the Windows NT 4.0 RAS server Allow Remote TCP/IP Clients to Access option (you can choose Entire network or This computer only when you use this option).

If you disable IP Routing in Windows 2000, RAS clients are only able to gain access to the RAS server, and not the entire network.

Keywords: kbbug kbenv kbpending KB262083

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.