Cloud Security, Privacy and Reliability...

Security, Community and a whole lot more!

VPN Binding Order

I have had a number of people ask me this question and am pleased to say that we were also provided with a solution by Mark Torng:

"Some users were calling me with issues, saying they couldn’t use Outlook because the mail server was not found, and also not being able to map network drives while connected to the VPN.

They could however map the network drive with the according internal IP. Right away I knew this was a DNS problem. But what was extremely puzzling was that half the VPN users had no problem, and some couldn’t do anything. After more research into this (and after banging my head against the wall a few times, and looking over every setting in my ISA 2004 firewall, and VPN), I found that our DNS wasn’t the problem, but rather the binding order of my clients.

After checking the obvious Network Connections Advanced settings to view the binding order, the Remote Access Connections was at the top of the list. BUT if you compared this to your registry

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Linkage. BIND KEY

The \Device\NdisWanIp was at the bottom of all other devices."

I personally had not come across this issue before, but other people during the recent TechNet tour mentioned the same problem. I came across the following Support Article that may help: http://support.microsoft.com/?id=311218

Mark took this a step further and supplied us all with a VBScript to help deal with the challenge (Kudos to Mark):

'Written by Mark Torng on 3/9/2005
'Adapted from scripts @ Microsoft Script Center.

'Call the Main Sub
Main()

Sub Main()
 const HKEY_LOCAL_MACHINE = &H80000002 ' Root Node that we want in the registry
 strComputer = "."       ' Computer Name  "." is equal to the local machine
 Set StdOut = WScript.StdOut    ' Setup the StdOut for writing (run with cscript.exe; WScript.StdOut fails under wscript.exe)
 
 'StdOut just writes out to the command window
 StdOut.WriteLine  "--------------------- Executing ------------------------------"
 
 'Here we're getting a reference to a registry Object so that we can read/write from/to the registry
 Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")
 
 strKeyPath = "SYSTEM\CurrentControlSet\Services\Tcpip\Linkage" 'The Key Path
 strValueName = "Bind"           'The Value Inside the key that's the multi string

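 'Get the list of VALUES from the registry
 oReg.GetMultiStringValue HKEY_LOCAL_MACHINE, strKeyPath, strValueName, arrValues

 'Stop if the value could not be read; For Each fails on a Null result
 If Not IsArray(arrValues) Then
  StdOut.WriteLine  "Could not read the Bind value. Exiting..."
  Exit Sub
 End If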
 
 Dim colNewVals           'dictionary object used to store the new values
 Set colNewVals = CreateObject("Scripting.Dictionary") 'in the order that we want them to be written back to the registry
  
 StdOut.WriteLine  "This is the original array."
 For Each strValue In arrValues
     StdOut.WriteLine  strValue
 Next
 
 StdOut.WriteLine  ""
 
 flag = false
 StdOut.WriteLine  "Grab what we were looking for."
 For Each strValue In arrValues
  If strValue = "\Device\NdisWanIp" Then
   colNewVals.Add 0, strValue
   flag = true
   StdOut.WriteLine  strValue
   Exit For
  End If    
 Next
 
 StdOut.WriteLine  ""
 
 StdOut.WriteLine  "Checking to make sure we found what we were looking for."
 If flag = false Then
  StdOut.WriteLine  "Nope exiting..."
  StdOut.WriteLine  "\Device\NdisWanIp not found."
  Exit Sub
 End If
 StdOut.WriteLine  "Yep Continuing"
  
 StdOut.WriteLine  ""
 
 StdOut.WriteLine  "Read in the rest of the values."
 i = 1
 For Each strValue In arrValues
  If strValue <> "\Device\NdisWanIp" Then
   colNewVals.Add i, strValue  
   i = i + 1
   StdOut.WriteLine  strValue
  End If    
 Next
 
 StdOut.WriteLine  ""
 
 StdOut.WriteLine  "This is the new array."
 For Each strNewVal In colNewVals.Items
     StdOut.WriteLine  strNewVal
 Next
 
 StdOut.WriteLine  ""
 
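 StdOut.WriteLine  "Write the values back to the registry."
 'SetMultiStringValue returns 0 on success; report anything else
 intRet = oReg.SetMultiStringValue(HKEY_LOCAL_MACHINE, strKeyPath, strValueName, colNewVals.Items)
 If intRet <> 0 Then
  StdOut.WriteLine  "Write failed, return code " & intRet
 End If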


 
End Sub
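
A read-only check of the same Bind value, useful for confirming which clients are affected before running a script that writes to the registry. This is an added example in PowerShell, not part of Mark's script; the function name, parameter names and output fields are illustrative, and the case-insensitive match is an assumption.

```powershell
# Added example: audits the TCP/IP binding order described in the post.
# Nothing is written to the registry. All names here are illustrative.
function Get-NdisWanIpBindPosition {
    [CmdletBinding()]
    param(
        [string]$KeyPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Linkage',
        [string]$Target  = '\Device\NdisWanIp'
    )

    # Bind is a REG_MULTI_SZ value; PowerShell returns it as a string array
    $item = Get-ItemProperty -Path $KeyPath -Name 'Bind' -ErrorAction Stop
    $bind = @($item.Bind)

    # Locate the first matching entry (assumption: casing may vary, so compare with -ieq)
    $index = -1
    for ($i = 0; $i -lt $bind.Count; $i++) {
        if ($bind[$i] -ieq $Target) { $index = $i; break }
    }

    # Proposed order: target first, every other entry in its existing order
    $proposed = if ($index -ge 0) {
        @($bind[$index]) + @($bind | Where-Object { $_ -ine $Target })
    } else {
        $bind
    }

    [pscustomobject]@{
        ComputerName  = $env:COMPUTERNAME
        Found         = ($index -ge 0)
        Position      = $index            # 0 means the entry is already first
        NeedsReorder  = ($index -gt 0)
        CurrentOrder  = $bind
        ProposedOrder = $proposed
    }
}

# Report for the local machine
Get-NdisWanIpBindPosition | Format-List
```

A machine where NeedsReorder is True matches the symptom described in the post. Exporting the Linkage key with reg export before any change keeps a copy of the original order to restore from.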