Hello, To lockdown / isolate PC we use the following in response to a DHCP request. IPAddress X.X.X.145 Subnet Mask: 255.255.255.255 DNS X.X.X.147 NOTE: NO DEFAULT GATEWAY Static Routes 64.233.169.99 / X.X.X.129 64.233.169.104 / X.X.X.129 X.X.X.147 / X.X.X.145 X.X.X.129 / X.X.X.145 This works fine for all windows OS upto XP. Vista machines can not ping X.X.X.147 or X.X.X.129. Anybody have ideas as to why? Firewall etc not an issue see next bit of text. Workaround: Onthe X.X.X.145 machine usingroute command to first delete X.X.X.147 and X.X.X.129 and then add them again as... route add X.X.X.147X.X.X.145 route add X.X.X.129 X.X.X.145 Ping now works to 147 and 129!! An obvious difference is that when Static Route is added by DHCP server the route (route print)Gateway is X.X.X.145 for 147 and 129. This is different to command line method which has the Gateway as On-link. Going to each PC is not an option. Again, anybody got knowledge to share?

Hi, Please enablethe Forwarding parameter on the X.X.X.145 interface on the Windows Vista machineand check the result. To enable the Forwarding parameter, type the following command: Netsh int ipv4 set int interface_name (or idx number) forwarding=enabled If the issue persists, please export the route tables for further research.

Hello, The netsh command did not fix the problem. Sorry for the long reply. Here is some information that I hope will help. I did some tests that confuse me more than shed light on the problem.As you look through the 'route print' results I can successfully ping the four destinations that starts with 64.I cannot ping 161.71.78.129 or 161.71.78.147. The ping result gives a responce I thought imposible. The destination is both reachable AND unreachable at the same time. route print--===========================================================================Interface List 8 ...00 09 6b 0c 5a 9b ...... Intel(R) PRO/100 VE Network Connection 1 ........................... Software Loopback Interface 111 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter17 ...02 00 54 55 4e 01 ...... Microsoft Tun Miniport Adapter=========================================================================== IPv4 Route Table===========================================================================Active Routes:Network Destination Netmask Gateway Interface Metric 64.233.169.99 255.255.255.255 161.71.78.129 161.71.78.145 21 64.233.169.103 255.255.255.255 161.71.78.129 161.71.78.145 21 64.233.169.104 255.255.255.255 161.71.78.129 161.71.78.145 21 64.233.169.147 255.255.255.255 161.71.78.129 161.71.78.145 21 161.71.78.129 255.255.255.255 161.71.78.145 161.71.78.145 21 161.71.78.145 255.255.255.255 On-link 161.71.78.145 276 161.71.78.147 255.255.255.255 161.71.78.145 161.71.78.145 21 224.0.0.0 240.0.0.0 On-link 161.71.78.145 276 255.255.255.255 255.255.255.255 On-link 161.71.78.145 276===========================================================================Persistent Routes: None IPv6 Route Table===========================================================================Active Routes: NonePersistent Routes: None ping response--Pinging 161.71.78.129 with 32 bytes of data: Request timed out. Reply from 161.71.78.145: Destination host unreachable. Request timed out. Reply from 161.71.78.145: Destination host unreachable. Ping statistics for 161.71.78.129: Packets: Sent = 4, Received = 2, Lost = 2 (50% loss), ipconfig /all--Windows IP Configuration Host Name . . . . . . . . . . . . : client-pc2 Primary Dns Suffix . . . . . . . : quarantine1.netman.com Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : quarantine1.netman.com netman.com Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : quarantine1.netman.com Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection Physical Address. . . . . . . . . : 00-09-6B-0C-5A-9B DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 161.71.78.145(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.255 Lease Obtained. . . . . . . . . . : 07 July 2008 10:50:23 Lease Expires . . . . . . . . . . : 07 July 2008 11:05:23 Default Gateway . . . . . . . . . : DHCP Server . . . . . . . . . . . : 161.71.78.150 DNS Servers . . . . . . . . . . . : 161.71.78.147 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter Local Area Connection* 7: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 11: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Tun Miniport Adapter Physical Address. . . . . . . . . : 02-00-54-55-4E-01 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes netsh show command--Interface Local Area Connection Parameters----------------------------------------------IfLuid : ethernet_4IfIndex : 8Compartment Id : 1State : connectedMetric : 20Link MTU : 1500 bytesReachable Time : 28500 msBase Reachable Time : 30000 msRetransmission Interval : 1000 msDAD Transmits : 3Site Prefix Length : 64Site Id : 1Forwarding : enabledAdvertising : disabledNeighbor Discovery : enabledNeighbor Unreachability Detecion : enabledRouter Discovery : dhcpManaged Address Configuration : enabledOther Stateful Configuration : enabledWeak Host Sends : disabledWeak Host Receives : disabledUse Automatic Metric : enabledIgnore Default routes : disabled

Hi, I want to compare this route table with the one that you can ping 161.71.78.123 after adding the static routes by using the route add command. Could you export that route table for me? Thanks.

Hello, Here are the commands done...route delete 161.71.78.129route add 161.71.78.129 161.71.78.145 route print--===========================================================================Interface List 8 ...00 09 6b 0c 5a 9b ...... Intel(R) PRO/100 VE Network Connection 1 ........................... Software Loopback Interface 111 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter17 ...02 00 54 55 4e 01 ...... Microsoft Tun Miniport Adapter=========================================================================== IPv4 Route Table===========================================================================Active Routes:Network Destination Netmask Gateway Interface Metric 64.233.169.99 255.255.255.255 161.71.78.129 161.71.78.145 21 64.233.169.103 255.255.255.255 161.71.78.129 161.71.78.145 21 64.233.169.104 255.255.255.255 161.71.78.129 161.71.78.145 21 64.233.169.147 255.255.255.255 161.71.78.129 161.71.78.145 21 161.71.78.129 255.255.255.255 On-link 161.71.78.145 21 161.71.78.145 255.255.255.255 On-link 161.71.78.145 276 161.71.78.147 255.255.255.255 161.71.78.145 161.71.78.145 21 224.0.0.0 240.0.0.0 On-link 161.71.78.145 276 255.255.255.255 255.255.255.255 On-link 161.71.78.145 276===========================================================================Persistent Routes: None IPv6 Route Table===========================================================================Active Routes: NonePersistent Routes: None ping 161.71.78.129--Pinging 161.71.78.129 with 32 bytes of data: Reply from 161.71.78.129: bytes=32 time=1ms TTL=255 Reply from 161.71.78.129: bytes=32 time=1ms TTL=255 Reply from 161.71.78.129: bytes=32 time=1ms TTL=255 Reply from 161.71.78.129: bytes=32 time=1ms TTL=255 Ping statistics for 161.71.78.129: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 1ms, Maximum = 1ms, Average = 1ms ping 161.71.78.147--Pinging 161.71.78.147 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 161.71.78.147: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Hello,Does anyone know if this issue has an answer?