You May Not Be Able to Log On to the Domain with VPN If a Winsock Proxy Is Enabled (317506)


The information in this article applies to:

  • Microsoft Internet Security and Acceleration Server 2000
  • Microsoft Proxy Server 2.0
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Home Edition
This article was previously published under Q317506

SYMPTOMS

You may not be able to log on to your domain by using a virtual private network (VPN) if you have the Microsoft Proxy 2.0 client or the Microsoft Internet Security and Acceleration (ISA) Server 2000 client installed, and the proxy server can be reached only by using the VPN connection.

This behavior occurs only if you refer to the VPN server by a Domain Name System (DNS) name instead of by the IP address when you create the VPN connection.

CAUSE

Typically, the DNS server's IP address is not contained in the client computer's local address table (LAT). When the client computer tries to resolve the IP address for the VPN server, the client sends the name-resolution request to the proxy server. Because the client cannot reach the proxy server before the VPN connection is established, the name resolution for the VPN server times out.

RESOLUTION

To change this behavior, add the following lines to the master copy of the Mspclnt.ini file on the server that is running Proxy Server 2.0 or ISA Server 2000:

[svchost]
Disable=1

STATUS

This behavior is by design.

MORE INFORMATION

Note that the resolution that is described in this article prevents Svchost from accessing the external network through a Winsock proxy. Therefore, the following services that are hosted by Svchost do not use a Winsock proxy and users can log on:

Remote Procedure Call (RPC)
Windows Audio
Background Intelligent Transfer Service
Computer Browser
Cryptographic Service
DHCP Client
Logical Disk Manager
Error Reporting Service
COM+ Event System
Server
Workstation
Messenger
Network Connections
Network Location Awareness
Remote Access Connection Manager
Task Scheduler
Secondary Logon
System Event Notification
Shell Hardware Detection
System Restore Service
Telephony
Terminal Services
Themes
Distributed Link Tracking Client
Upload Manager
Windows Time
Windows Management Instrumentation
Portable Media Serial Number
Automatic Update
Wireless Zero Configuration
DNS Client
TCP/IP NetBIOS Helper
Remote Registry
SSDP Discovery Service
WebClient

Modification Type:MajorLast Reviewed:2/7/2002
Keywords:kbenv kbnetwork kbprb KB317506
©2002 Microsoft Corporation. All rights reserved.