Skip to content

VPN Binding Order Fix (ALL WINDOWS XP MACHINES!)


I have also posted this on Bruce Cowpers blog!

Some users were calling me with issues saying they couldn’t use outlook because the mail server was not found, also not being able to map network drives while connected to the VPN, yet the VPN on our ISA server looked fine?

They could however map the network drive with the according internal IP.

Right away I knew this was a DNS problem. But what was extremely puzzling, was that half the VPN users had no problem, and some couldn’t do anything.

More research into this and after looking over every single setting on my ISA firewall and checking the DNS servers I found that our DNS wasn’t the problem at all, but rather the binding order of my clients.

After checking the obvious Network Connections Advanced settings to view the binding order, the Remote Access Connections was at the top of the list. BUT if you compared this to your registry located here:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Linkage

Under the BIND KEY “\Device\NdisWanIp” or other words “Remote Connections” was at the bottom of all other devices

to fix this simply cut and paste your “\Device\NdisWanIP” to the top of the list, close regedit, and reboot the system.

Or you can copy and paste the script below in a notepad, save it as bind.vbs, open command prmot, and Cscript bind.vbs.

YOU MUST REBOOT in order for this to take effect!
Sub Main()
 const HKEY_LOCAL_MACHINE = &H80000002 ‘ Root Node that we want in the registry
 strComputer = “.”       ‘ Computer Name  “.” is equal to the local machine
 Set StdOut = WScript.StdOut    ‘ Setup the StdOut for writing
 
 ‘StdOut just writes out to the command window
 StdOut.WriteLine  “——————— Executing ——————————“
 
 ‘Here we’re getting a reference to a registry Object so that we can read/write from/to the registry
 Set oReg = GetObject(“winmgmts:{impersonationLevel=impersonate}!\\” & strComputer & “\root\default:StdRegProv”)
 
 strKeyPath = “SYSTEM\CurrentControlSet\Services\Tcpip\Linkage” ‘The Key Path
 strValueName = “Bind”           ‘The Value Inside the key that’s the multi string

 ‘Get the list of VALUES from the registry
 oReg.GetMultiStringValue HKEY_LOCAL_MACHINE, strKeyPath, strValueName, arrValues
 
 Dim colNewVals           ‘dictionary object used to store the new sorted values sorted
 Set colNewVals = CreateObject(“Scripting.Dictionary”) ‘in the order that we want them to be written back to the registry
 
 StdOut.WriteLine  “This is the original array.”
 For Each strValue In arrValues
     StdOut.WriteLine  strValue
 Next
 
 StdOut.WriteLine  “”
 
 flag = false
 StdOut.WriteLine  “Grab what we were looking for.”
 For Each strValue In arrValues
  If strValue = “\Device\NdisWanIp” Then
   colNewVals.Add 0, strValue
   flag = true
   StdOut.WriteLine  strValue
   Exit For
  End If    
 Next
 
 StdOut.WriteLine  “”
 
 StdOut.WriteLine  “Checking to make sure we found what we were looking for.”
 If flag = false Then
  StdOut.WriteLine  “Nope exiting…”
  StdOut.WriteLine”\Device\NdisWanIp not found.”
  Exit Sub
 End If
 StdOut.WriteLine  “Yep Continuing”
 
 StdOut.WriteLine  “”
 
 StdOut.WriteLine  “Read in the rest of the values.”
 i = 1
 For Each strValue In arrValues
  If strValue <> “\Device\NdisWanIp” Then
   colNewVals.Add i, strValue 
   i = i + 1
   StdOut.WriteLine  strValue
  End If    
 Next
 
 StdOut.WriteLine  “”
 
 StdOut.WriteLine  “This is the new array.”
 For Each strNewVal In colNewVals.Items
     StdOut.WriteLine  strNewVal
 Next
 
 StdOut.WriteLine  “”
 
 StdOut.WriteLine  “Write the values back to the registry.”
 oReg.SetMultiStringValue HKEY_LOCAL_MACHINE, strKeyPath, strValueName,colNewVals.Items
 
End Sub

11 Comments Post a comment
  1. Er!k N #

    If interested, a cleaner and shorter version of the above script. I used parts of the script to solve a related problem, thanx for pointing me in the right direction!

    const HKEY_LOCAL_MACHINE = &H80000002
    Dim ColNewVals()

    bFound = False
    strComputer = “.”
    Set StdOut = WScript.StdOut

    StdOut.WriteLine “——————— Executing ——————————”

    Set oReg = GetObject(“winmgmts:{impersonationLevel=impersonate}!\\” & strComputer & “\root\default:StdRegProv”)
    strKeyPath = “SYSTEM\CurrentControlSet\Services\Tcpip\Linkage”
    strValueName = “Bind”

    oReg.GetMultiStringValue HKEY_LOCAL_MACHINE, strKeyPath, strValueName, arrValues

    ReDim ColNewVals(Ubound(arrValues))

    ‘ Enumerate current order and filling a new array with new order
    StdOut.WriteLine “This is the original array.”
    i = 1
    For Each strValue In arrValues
    StdOut.WriteLine strValue
    Select Case strValue
    Case “\Device\NdisWanIp”
    bFound = True
    colNewVals(0) = strValue
    Case Else
    colNewVals(i) = strValue
    i = i + 1
    End Select
    Next

    ‘ If the value has been found in the previous procedure, the new order will be written to the registry
    ‘ else it will tell the connection was not found.
    If bFound then
    StdOut.WriteLine “”
    StdOut.WriteLine “This is the new array.”
    For Each strNewVal In colNewVals
    StdOut.WriteLine strNewVal
    Next
    StdOut.WriteLine “”
    StdOut.WriteLine “Write the values back to the registry.”
    ‘ oReg.SetMultiStringValue HKEY_LOCAL_MACHINE, strKeyPath, strValueName,colNewVals
    ElseIf not bFound then
    StdOut.WriteLine “\Device\NdisWanIp not found.”
    End If

    StdOut.WriteLine “——————— Finished ——————————“

    2008/06/02
  2. Interesting article, i have bookmarked your blog for future referrence :)

    2009/03/15
  3. I have had so many people contact me stating they couldn’t get this script to work, and it turns out copying and pasting this from wordpress is the issue. I have a zip file containing the VBS and a simple install.bat file that will fix the issues for you.

    Please remember to reboot when you have applied the script.

    http://www.vistanetworks.ca/VPN%20Binding%20Order%20fix.zip

    2009/08/20
  4. klemens Larisch #

    Thank you,
    this will solve my problem completely

    2009/09/14
  5. Insider #

    Very useful solution! I’ve been dealing with this issue for a while.
    Thanks

    2010/01/13
  6. tim #

    Any idea how to fix a similar issue in Windows 7? It’s the same symptoms, however instead of a list of Device\xxx under registry key HKLM\…\Tcpip\Linkage I get a list of GUIDs:

    \Device\{947B316E-398A-466A-8BE8-67B4EB6984BF}
    \Device\{B6E4AD2D-E924-44A5-A07D-111C9EB1373B}
    \Device\{BE13FE63-2886-4EEB-BCDF-CF30CCD7293B}
    \Device\{81E82621-BAD3-4862-9CF8-38779A93309B}
    \Device\{529D9AB7-0668-48E7-9C1D-E9874EC03028}
    \Device\{F008E096-C3D4-4D79-B5DB-0C57EF8A5A4E}
    \Device\{E19FBB7C-C73A-474B-8203-163821663DF7}

    Thanks!

    2010/07/28
    • James #

      Tim,
      I had the same issue, but managed to figure it out. If you look at this registry key, HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network, you’ll see 4 keys that are GUIDs. I don’t think it matters which you choose, so expand the first one. This is a list of GUIDs that are all of the interfaces (physical, virtual, there are probably many of them). Under each there is a key called Connection and a variable Name, which is the name of the interface in the list of interface. This information allows you to identify the GUID of the VPN adapter, which you can then put at the top of the list in the Linkage key. Hope this helps.
      James

      2010/09/02
  7. Hi guys, very usefull script for Windows XP, but this problem still exist for dummy users on Windows 7…

    Somebody can port the script for Windows 7 ?

    2011/07/26
  8. Everything you could possibly think of to make your own fashion statement, you can start your actual customizing.
    Fue un gran paso poder enviar telgrafos y olvidarse de las
    seales de humo y de las palomas mensajeras.

    2013/07/09
  9. If you answered with Nfl Jerseys got them then you might as
    well choose a pair that states that it provides a hundred
    percent protection from UV rays. The lenses have been
    a favorite among boaters and fisherman because they block out all UV.
    The bestNfl Jerseys lenses should look good, fit well and satisfy your needs.
    They expect a lot of awards in the form of patents and trademarks.

    2013/07/09

Trackbacks & Pingbacks

  1. Paranoid question about VPN connections on Windows + secure DNS

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 25 other followers

%d bloggers like this: