Only One Default Gateway Allowed on Proxy Server

 Last reviewed: February 3, 1998
Article ID: Q161380

The information in this article applies to:

  • Microsoft Proxy Server versions 1.0 and 2.0

SYMPTOMS

When you use a Winsock proxy or web proxy client, and if the Proxy Server is configured with more than one default gateway, you may get the following error message or related error messages: 

   Connection timed out

CAUSE

The Proxy Server documentation states: 

   A Microsoft Proxy Server computer should have only one IP default
   gateway. The IP address of the default gateway should be configured on
   the external network adapter card only.

   This requirement is a result of the basic architecture of TCP/IP. Only
   one default gateway must be defined on a host that resides on 2 or more
   non-connected networks.

   If the Proxy server is configured with more than network interface, it
   is connected to two networks that are by design non-connected.

   A default gateway is a router that is supposed to be used for all
   traffic that has no specific route. If you have two default-gateways,
   the proxy server TCP/IP stack will assume that they lead to the same set
   of networks. This will cause the proxy server to send Internet traffic
   to the internal network, or internal traffic to the Internet.

WORKAROUND

Remove the default gateway from the advanced TCP/IP settings of the internal network interface on the Proxy Server and define static routes to the internal network segments.

Because no default gateway will be defined for the internal network, you must add static routes using the Route Add command. These routes can be made persistent by using the -p command switch.

For additional information on adding static routes to the routing table, see the following:

  • Type route /? for additional command switches.

    -or-

  • See the following Microsoft Knowledge Base article:

    ARTICLE-ID: Q140859 

       TITLE     : TCP/IP Routing Basics for Windows NT

MORE INFORMATION

This is not specific to Proxy Server. When the Microsoft Exchange Dynamic RAS connector contacts an ISP, you can get the above error message; however, the workaround is the same.

Additional query words: proxy internet server timeout connect fail faq
frequently asked questions prx2faq winsock
Keywords : kbinterop kbusage kberrmsg kbfaq
Version : WINNT:1.0,2.0
Platform : winnt

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

Last reviewed: February 3, 1998
© 1998 Microsoft Corporation. All rights reserved. Terms of Use.