none
Unidentified network / default gateway RRS feed

  • Question

  • I have Windows Server 2008 with two NICs. First one is connected to internet and has static IP configuration. There is no issue with this NIC.

    Second one is connected directly to backend network (192.168.x.0/24) and has static IP configuration but no default gateway.

    If there is no default gateway set on second NIC network is set to public and has "Unidentified network" sign in Network Sharing Center.  If I fill default gateway on this NIC with any IP, network will become known and I can switch it to private network. This configuration with two default gateways is imho wrong, but I didn't found another way how to set backend network as a private network.

     

    Friday, February 8, 2008 9:57 AM

All replies

  • I makes sense to have different default gateways on each segment.  The purpose of a default gateway is to define the route a message should take if it can't find the address on the current network segment.  If the address can't be found on the current segment, the message is passed to default gateway and (hopefully) will be resolved somewhere on the other side of the gateway.

     

    tgc

     

    Wednesday, February 20, 2008 2:03 AM
  • Sorry, but I don't agree with you.

    Two default gateways on one system can make sense just for redundancy. If I have two NICs connected to direrent purpose networks (internet and backend) then second gateway makes no sense. First packets are being sent to local networks, which are defined by IP address and network mask on eatch NIC, then they are send to default gateway with lower cost.

    Second gateway will be never used.

    There is a warring message in Windows Server 2008 if you configure more that one default gateway:

     

     

    Code Snippet

    ---------------------------
    Microsoft TCP/IP
    ---------------------------
    Warning - Multiple default gateways are intended to provide redundancy to a single network (such as an intranet or the Internet). They will not function properly when the gateways are on two separate, disjoint networks (such as one on your intranet and one on the Internet). Do you want to save this configuration?
    ---------------------------
    Yes   No  
    ---------------------------

     

     

    I remember similar warnings from Windows Server 2003, so it's not new.
    Wednesday, February 20, 2008 6:01 AM
  •   Setting multiple gateways on one interface can give you redundancy, but it is very limited. It depends on dead gateway detection, and it is a one shot wonder. It will never switch back without intervention.

     

     Setting a gateway on each NIC when you have multiple NICs is a different matter and is not a good idea. In fact it can cause you grief if you are using it as a router (hence the warning), For instance a RRAS/NAT router may fail to work at all if a default gateway is set on the private NIC. Nothing is ever transferred to the public network from the LAN.   

     

    Thursday, February 21, 2008 10:04 AM
  •  

    HEllo i dont know what to do also ..please i have a vista home premium on compaq presario and it has been working well with the LAN and wireless but 2 days ago..it has been on unidentfied network..pls how do i solve that.My router is from the university information centre ..does that has anything to do with it. cant connect the web again...pls help
    Friday, February 22, 2008 10:29 AM
  • So, how did you solved this issue.
    Saturday, August 16, 2008 9:44 PM
  • Hi, 

    Hi,
    windows use the IP address netwrok ID to determine which computers are within the domain network if your servers have two cards from differnt subnet it consider one of the as public , you can change the other to Private using Network and Sharing Center



    Nice article:http://trycatch.be/blogs/roggenk/archive/2008/01/28/network-locations-in-windows-vista-amp-windows-server-2008.aspx

    Hikmat Kanaan
    • Edited by Hikmat Kanaan Wednesday, August 27, 2008 11:02 AM add info
    Wednesday, August 27, 2008 8:16 AM
  •   Hi , All

    Finally after about 4 hours of research , I think this is the solution:
    To be able to change you second adapter status to private network profile do the following:

    1. If this is need for a stand alone server  , run local security policy editor
    2. select network list Manager Policies
    3. At the right Side you can select & double click: Unidentified Networks
    4. In the location type select Private , which means that all Unidentified networks will be consider as private profile network
    5. you can also allow the user to change the Location profile

    This will allow the system to keep settings after reboot

    The same hold true if you used teh Domain Policy
    Have fun

    Hikmat Kanaan
    • Proposed as answer by Hikmat Kanaan Thursday, September 4, 2008 12:34 PM
    Thursday, August 28, 2008 1:03 PM
  • Pls explain properly bza i have face this type of problem
    when open the gpedit.msc>then explain the next process
    i am waiting for your revert

    regard
    neeraj
    +919936979821
    Thursday, May 21, 2009 7:25 AM
  • Hi, Neeraj

    To do this on your local server , follow these steps:

    1. Start --> run --> MMC --> press enter
    2. In MMC console , from menu file select Add/Remove Snap-in
    3. Select Group Policy Object editor --> Press Add --> select Local computer --> press OK -->press OK
    4. Open Computer configration -->Windows Settings -->Security Settings -->select Network list manger policies

    on the right Side you will see options for :

    double click -->Unidentified netwroks

    then you can select the option to consider the Unidentified netwroks as private and if user can change the location.

    I hope that is will help you and is clear .

    the good News that this have  changed in windows 7 and windwos 2008 R2 , where user can change the connection type from an easy interface

    Hikmat Kanaan Amman-Jordan MCSE
    • Proposed as answer by Hikmat Kanaan Thursday, May 21, 2009 1:38 PM
    Thursday, May 21, 2009 1:37 PM
  • got the same problem with w7 ultimate x64. the above solution does not work.
    any ideas?

    -flow
    Thursday, January 14, 2010 2:37 PM
  •   You will need to give more details about what you actually did and what is happening. This thread has covered a lot of ground. "Same problem" as what?  "does not work" is not a satisfactory description.

       If you have changed the security settings as Hikmat described, the unidentified network will not be classified as public. If it is, I suspect that you have not followed the directions correctly.
     
    Bill
    Friday, January 15, 2010 5:26 AM
  • Hello I have a similar issue,

    I have a Windows server 2008 R2 with two nics, first nic is on a domain network and the server finds this network connection properly, however my second nic is on a local lan with no internet connection, this LAN is used for transporting backup traffic to a cellserver, the server recognizes this network as "Unidentified" and no traffic is allowed.
    I now that I shouldnt use 2 gateways but when I write in the second GW it gets recognized as a domain network and traffic is allowed, 

    And isnt the different profiles only different settings for the firewall? I disable the firewall and I still have the same problem.

    How can I "force" the card to get recognized without setting a second GW?

    Ive read some forums about NdisDeviceType and editing the registry, but there must be a simplier way to get it done or am I wrong? Especially on servers in big environment where it is common with a second lan for distributing certain traffic.

    Br
    Chris
    Tuesday, January 26, 2010 4:07 PM
  •   The fact that is unidentified will not prevent traffic from being sent over it. What will stop traffic is if it is set to Public.

       The normal setting is for unidentified networks to be public. This is to prevent your machine from receiving packets from an untrusted location. This is a security setting which can be changed. You can set it so that unidentified networks are private if you trust the network.

    Bill
    Thursday, January 28, 2010 4:56 AM
  • Hello Bill, thanks for your reply, I have managed to set the unidentified network as Private, but I still experience the same problem. I have tried with adding static routes but no, there is still no traffic, only way is to set a second default GW and that is BAD. I know there is no network errors because the server used to be a windows 2003 with same network configuration and it works.

    Br
    Christian
    Thursday, February 11, 2010 11:29 AM
  •   If the machines on this network are in the same IP subnet as the NIC on this server, static routes and default gateways are not required and will not do anything for you. Machines in the same IP subnet communicate directly using hardware addressing. They do not use routing.

       Problems like this are usually name resolution problems. If the name resolves to a particular IP address, then that is the IP which will be used. Can you communicate with machines on your second network using IP addresses?

    Bill
    Thursday, February 11, 2010 10:19 PM
  • Bill,

    I have read the thread above and would like to inquire about a somewhat similar issue I am dealing with:

    1. 4 - Windows 2003 servers each connected to its own router setup on private LAN with default gateways of 192.168.0.1x1 and 192.168.1.1x3.  All routers are set on a static public IP for internet connection.  All servers uses NIC1 to connect to router.  All servers are for varying services, ie: web, ftp, sql, smtp.

    2. I am now trying to use NIC2 of each server to connect to a separate router not connected to the internet set on DHCP with default gateway of 192.168.10.1.  The purpose is to connect a LAN hard drive on the router for each server to use as a backup device.

    3. Each server connected and was assigned an IP.  I was able to connect and backup, and the internet worked fine on all 4 servers.  It worked for about 2 days, then two of the servers lost internet connection, one from each DG.

    Was wondering if this is the correct way to go about this?  I got the similar message as others did when I first configured this:

    Code Snippet

    ---------------------------
    Microsoft TCP/IP
    ---------------------------
    Warning - Multiple default gateways are intended to provide redundancy to a single network (such as an intranet or the Internet). They will not function properly when the gateways are on two separate, disjoint networks (such as one on your intranet and one on the Internet). Do you want to save this configuration?
    ---------------------------
    Yes   No  
    ---------------------------


    but continued for my purpose. 

    Can you please enlighten me as the correct way to go about this.  Should I set all my 4 routers to use the same default gateway of 192.168.1.1 and similarly to the backup router to be used at NIC2?

    I appreciate any immediate replies.
    Octavious





    Friday, March 12, 2010 8:12 PM
  •    What the warning message is telling you is that setting multiple gateways is a way to let a machine switch to another gateway if one fails. This is not very reliable, and not really effective because it will not switch back! Something like this may have disabled the normal gateways that you use.

       You should not configure more than one default gateway on a machine. If you want this setup to work, leave the default gateway on the 192.168.10 NICs blank. Machines do not need a default gteway to communicate with other machines in the same IP subnet. It is only required to communicate with machines in a different IP subnet (which requires IP routing). Not having a default gateway configured will give you the "unidentified network" message but it should work.

      The main problem with multihoming servers like that is name resolution. Each server now has two IP addresses associated with its name. The traffic will only use a particular network if the name resolves to the IP address in that network. This should not be a problem for you if the servers initiate the connection to the the hard drive, because that device is not multihomed. If its name always resolves to 192.168.10.1 the servers will send traffic for it from their 192.168.10 interfaces.

       I would leave the default gateway settings on the 192.168.0 and 192.168.1 NICs as they are if this worked successfully in the past. You cannot use a 192.168.0 or 192.168.1 address for the gateway setting on the 192.168.10 NICs. A default gateway must be in the same IP subnet as the NIC because it has to be reachable directly (ie by "on the wire" hardware addressing).
    Bill
    Saturday, March 13, 2010 3:44 AM
  • Hi

    I had the same problem with unidentified network on Windows 2008 R2 Hyper-V, I had configured 2 NICs with IP addresses but then realised I did not need to add 2nd IP address as this was going to be Virtual Network in Hyper-V. I removed IP settings on 2nd NIC but network showed unidentified.

    Went to registry and deleted all entries under [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces], then reconfigured my primary NIC again.

    Bob

    Tuesday, October 12, 2010 9:46 AM
  • Hi,

    I ran into this issue also on a Server 2008 R2 Physical Server (Running Remote Desktop Services Server).

    Ran though all above steps with no fix.

    Resolution was uninstalling and reinstalling the NIC Adapters via device Manager, after re inputting the static IP settings it now shows connected to the domain name.

     

    ... Do not know however what may have caused this issue in the first place.

     

    - Mark

    Tuesday, December 28, 2010 8:26 PM
  • I have two windows 2008 R2 Servers, each has two nic (NIC 1 is Public 192.168.x.x) NIC 2 is Private (10.x.x.x). Nic 1 is OK.

     But NIC2 display with two icons (icon1 is private, icon2 is unidenitified). Is there any way to remove the icon 2?

     

     

    Tuesday, March 15, 2011 12:03 PM
  • hey guys. i have a similar issue. Windows Server 2008 R2 SP1. I know it worked before. It was probably one of the updates that cause the issue.

     

    Issue is:

    - 2 NICs (x.x.182.10, x.x.182.68)

    - 2 IPs on different subnets (.224, .240)

    - 2 different gateways (.x.x.182.1, x.x.182.65)

     

    First NIC works. 2nd NIC doesnt. Maybe I havent read up enough yet. I get the same warning about multiple gateways and such. 

    The same config worked on 2003 R2 and even before SP1. Just it popped up recently.

    Thursday, May 5, 2011 9:15 AM
  • The problem occurs when you have dual homed servers with only one server having connectivity to a DNS server. The problem is that an unidentified network is effectively shut down and will not accept any inbound connections. There has been a number of discussions on resolving this, but the solution is quite simple.


    TCP/IPv4 solution

    1. Open up the IP V4 properties from the problem Network adaptor
    2. Click the Advanced tab
    3. Click the DNS tab
    4. in 'DNS Suffix for this connection', enter your local AD Domain Name  
    • Proposed as answer by CWOTT Friday, March 30, 2012 8:00 PM
    Tuesday, May 17, 2011 10:47 AM
  • simple, unless you are a windows 7 box on an unix network.

     

    i've had endless problems with tw windows 7 machines runing library software on a mixed OS X served open directory network. for a start, the window 7 machines refuse point blank to integrate, but that is another story. as they need fixed ip addresses, we did have them programmed into the win7 boxes. too many times they stopped talking to each other as they decided the network was unidentified.

    the fix was to set up the os x dhcp server to provide a reserved lease to each windows 7 box. the win7 machines are now happy that the network is no longer unidentified.

     

    since the actual netwrok settings on the win7 machines are _identical_, apart from now being supplied by DHCP instead of being hard coded, this implies microsfot is up to nonsense with its detection routines. we need to be able to turn this feature OFF.

     

    incidentally, we decided not to make a large purchase of win7 boxes dues to continuing issues with cross-platform compatibility and rubbish like this. bye, microsoft.

     

    Wednesday, May 18, 2011 4:52 AM
  • Hello Lads!

    i have installed Windows 2008 R2 in a home testing lab, there is only one network card in a PC plug in the hub, i gave a manual / static  IP 192.168.1.2 SM 255.255.255.0 No Default Getway and on DNS.

    my network connection is showing me Unidentified Network! i can ping my IP 192.168.1.2 and 127.0.0.1

    to fix Unidentified Network problem i did the following steps as our previous email in this form:

    1. Start --> run --> MMC --> press enter
    2. In MMC console , from menu file select Add/Remove Snap-in
    3. Select Group Policy Object editor --> Press Add --> select Local computer --> press OK -->press OK
    4. Open Computer configration -->Windows Settings -->Security Settings -->select Network list manger policies

    on the right Side you will see options for :

    double click -->Unidentified netwroks

    then you can select the option to consider the Unidentified netwroks as private and if user can change the location.

    after changing my Unidentified network as Private network i can still see sign of yellow exclamation ! on my network in task bar right bottom.

    i am not sure having this Unidentified network can i install DNS on this machine ?

    i have already disabled my Windows 2008 firewalls but no positive results :(

     

    i will appreciate for your help please!

     

    Thanks

     

    Ali

     

     

     

     


    Ali
    Monday, May 30, 2011 8:01 AM
  •  

    I have had this issue on any network that I dont assign a default gateway to.  I had 3 NICs installed, the normal NIC, one for iSCSI, that was local and a backup NIC (Win2008R2).  I didnt route with the 2 storage networks, but even if I did, I would have used static routes, not multiple default gateways (there should only be 1 default gateway unless you are doing failover gateways).  Anyway, the ONLY thing that I found (after a LOT of searching) that works, works consistently, and works across reboots is to make a registry change to the interface(s) that you want to disable NLA:

    1. Run regedit
    2. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}
    3. Underneath you should see several keys labeled 0000, 0001, 0002 etc… Look through these and find the adapters that you want to disable NLA on.
    4. For each of the adapters, add a new DWORD value named “*NdisDeviceType” and set it to 1 (make sure you get the * at the beginning of the name).
    5. Disable and Enable each of the network adapters.
    I hope this helps someone, and I hope that Microsoft is paying attention.  Using a network interface like this is not that uncommon, and there needs to be an easier way.  I get that Microsoft is trying to protect everyone from themselves, but there are actually a few of us out there that know what we're doing and need to be able to disable this type of "help".
    • Proposed as answer by David Rabahy Monday, October 17, 2011 2:54 PM
    Friday, June 24, 2011 12:15 PM
  • Holy moley!  For Uamk2005 - of all the zillions of GUIDS, how did you come up with the one you mentioned above?

    And for any Microsoft OS engineer who might stumble across this thread - of all the dumb engineering decisions I've seen over the years, this one seems like a doozy.  First of all - even if I have a multihomed server, by **DEFINITION**  I will only have one default gateway.  That's why it's the **DEFAULT**  gateway.  It's the routing path of last resort, where I go if I don't have any other routes assigned. 

    So then, you put in a ton of code that doesn't allow anyone to interact with a **SERVER**  across a NIC without a default gateway assigned - what's up with that????  Wouldn't you think that a NIC without a default gateway assigned would be used mostly for internal, private purposes???  So forcing users to jump through tons of unnatural hoops so they can interact with their  **SERVER** over this NIC is just plain dumb. 

    Sorry to be so blunt, but this bone-headed design cost me 2 days of labor so far, and disconnected at least 100 students and dozens of teachers from their school server.  And it also cost me several days of lost sleep, so now I am very cranky.

    - Greg Scott


    Greg Scott
    Friday, September 2, 2011 5:15 AM
  • Script to Change ‘Unidentified network’ from Public to Work in WS2K8 R2

    hi, I found this articel I hope it will help you all

    http://gallery.technet.microsoft.com/ScriptCenter/2b6c59c3-5404-44ff-b8ac-eb73f9eee559/

     


    Hikmat Kanaan Amman-Jordan MCSE
    • Proposed as answer by Hikmat Kanaan Tuesday, October 18, 2011 9:38 AM
    Thursday, October 6, 2011 11:17 AM
  • Brilliant!  Btw, NLA = Network Location Awareness.

    It took a little bit to figure out which adapter was the adapter I was after since both were the same kind of hardware.  I guessed based on the instance name; the one I was after was "... #2" and so I guessed the adapter was 0007 (instead of 0006).

    By disabling NLA the network connection no longer has a Network Name at all but instead just says Enabled (or Disabled).

    • Proposed as answer by ian7610 Thursday, November 10, 2011 3:41 PM
    Monday, October 17, 2011 2:59 PM
  • Hi,

    I have server 2008 configured as DC running AD DS, DNS, DHCP.

    NIC1 - Static IP  - 10.0.0.1,  Subnet - 255.0.0.0,  Primary DNS  - 10.0.0.1

    NIC2 - Conntected to my DSL modem/router

    Cleints  can log-in, I can ping to each computer

    server can connect to internet BUT the xp clients can NOT.

    IPCONFIG of XP clients shows NO Defualt Gateway.

    What to do and in what way? Any ideas.


    • Edited by ArshadJB Sunday, November 20, 2011 4:15 PM
    Sunday, November 20, 2011 4:14 PM
  • Hi Arshad -

    You need to assign a default gateway to those XP clients.  Your server is essentially acting as the router between your XP clients and the rest of the world - right?  But right now, your clients don't know that.  That's what the default gateway does.  When a computer needs to visit somewhere and it doesn't know the path, it travels via its default gateway.

    Your clients are all using an IP Address of 10.0.0.n, right?  Try giving one client a default gateway of 10.0.0.1 and see how that works.  If it works well, then repeat for your other clients. 

    You may also need to configure your server as a router if it's not already.  Do this with the RRAS MMC applet.  Note that using a Windows server as an Internet router is controversial. 

    - Greg Scott


    Greg Scott
    Sunday, November 20, 2011 4:28 PM
  • Hi Greg,

    Thanks for understanding my problem and your suggestion have in some way implemented.

    This is what I have done:

    In DHCP scope I have defined the IP address of my ADSL Modem (192.168.1.1) as default Gateway.

    Now I can see the default gateway on my XP cleints as 10.0.0.1

    Yes, You are right, their IP adresses ranging from 10.0.0.11 to 10.0.0.253

    Still no internet on client's computers.

    Is it possible for you to give me web address from where I can check the complete configuration of RRAS?

    Is there any otherway to provide internet to xp cleints. Please inform.

    Regards

    Arshad


    • Edited by ArshadJB Tuesday, November 22, 2011 4:11 PM
    Tuesday, November 22, 2011 2:58 PM
  • Your configuration has a fundamental conflict.  And I probably led you further astray by making some assumptions.  So before going further - and I hope my ASCII art doesn't get garbled - is this how you are laid out?

     

    Internet <---> Router <--> Server and desktops

                    192.168.1.1        192.168.1.nnn  10.0.0.1   10.0.0.11 thru .253

    The server has 2 NICs.  The outside NIC at 192.168.1.nnn, probably DHCP assigned from the router, and the inside NIC at 10.0.0.1 - right?

    One more assumption - I am assuming the mask your server assigns to your DHCP clients is 255.255.255.0. 

    If so - then why use the server for routing?  Forget about RRAS and route everything, including your desktops through the router.  That is the router's job.  That's what routers do.  Try these steps:

    1.  Assign the LAN side of your router an IP Address of, say, 10.0.0.254, mask 255.255.255.0.  Disable DHCP on your router. 

    2.  Connect the inside NIC of your router to the same Ethernet switch/hub as the 10.0.0.1 NIC of your server.

    3. Disconnect and disable the 192.168.1.nnn NIC of your server.

    4. Assign your server's default gateway to be 10.0.0.254.

    5. Make sure DNS **server** on your server is set up properly - In Administrative Tools...DNS, look at your server properties, make sure your server has forwarders assigned so it can translate names on the Internet. 

    6. Modify your DHCP scope to hand out a default gateway of 10.0.0.254 and DNS server of 10.0.0.1.

     

    If changing the router is scary, here is another approach:

    1. Leave the router address settings alone.  You will still need to disable DHCP on your router.

    2. On your server, assign a static IP Address of, say, 192.168.1.2 mask 255.255.255.0 to the server's 192.168.1.nnn NIC.  Assign a default gateway of 192.168.1.1.

    3. Connect the server's 192.168.1.2 NIC to the same Ethernet as your desktops.  Also connect your router to this same switch/hub. 

    4.  Disconnect and disable the server's 10.0.0.1 NIC.

    5. Remove the 10.0.0.n DHCP scope on your server. 

    6. Make sure DNS **server** on your server is set up properly - In Administrative Tools...DNS, look at your server properties, make sure your server has forwarders assigned so it can translate names on the Internet. 

    7.  Set up a new DHCP scope for your desktops.  Use a range of, say, 192.168.100 through .,150, with mask 255.255.255.0.  Assign a default gateway of 192.168.1.1 and  DNS server address of 192.168.1.2.

    - Greg

     


    Greg Scott
    • Proposed as answer by ArshadJB Monday, November 28, 2011 5:48 AM
    Tuesday, November 22, 2011 4:15 PM
  • we are so far off topic.
    this post was to do with win7 and unidentified networks.

     

    as far as i'm aware, there is still no fix, which is why we bought macs instead. 


    -flow
    Tuesday, November 29, 2011 1:36 AM
  • I had a similar problem with this, I had a server with two NIC cards.... one was to a network that was safe, the other nic to somewhere of a blackhole. Anyway, the first NIC had a "default gateway", all the settings looked fine but was coming up as unidentified network. To resolve this I had to set another gateway... rather dramatically the connection moved to the correct network profile. Finally I had to clean up the machines.

    What worries me is that this occured when the we had a switch failure! What can I do when so I would not have to do this in the event of another switch failure!

    Thursday, March 22, 2012 5:39 PM
  • Just to be clear on the issue that this answered... ;-)

    Server 2008R2

    Two NICS, Two Separate IP Networks

    Public Network has Default Gateway - Routed just fine

    Private Network did not route correctly until second DNS Zone was configured and IPv4 properties were set as above on both adapters.

    THANK YOU MARTYNK!

    Friday, March 30, 2012 8:04 PM