Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 31002 Source: ipnathlp

Source
Level
Description
The DNS proxy agent was unable to bind to the IP address <ip address>. This error may indicate a problem with TCP/IP networking. The data is the error code. Data: 0000: 1d 27 00 00
Comments
 
The following applies to this error: "Have solved this problem and have this thing figured out to a "T". I'm on Windows 2K Advanced Server running one Windows NT4 client computer. The server computer has 2 NICs in it. One NIC connects to my DSL modem; the other NIC is for the local network and connects to the client computer via a crossover cable. I’m using Routing and Remote Access Network Address Translation (NAT) to give Internet Access to the client computer. What happens is that NAT sets up its own DNS Proxy Agent to allow the client to use the DNS server of my ISP through this proxy. In addition, NAT sets up its own DHCP allocator to allocate IP addresses and configuration data to clients on the local network. Unfortunately, this DHCP allocator in NAT is not configurable. Therefore, for local name resolution I had to install WINS on the server. This means you have to enter manually the WINS address into the TCP/IP properties on the client machine (the NAT configured DHCP server does not configure WINS and you cannot set it up to do so either). This can be a real hassle if you have many computers on your local network, and this seems to me to defeat the whole purpose of DHCP to begin with. Another catch-22 is that since my local domain name is not officially registered on the Internet, my server "requires" that DNS be installed. This creates conflict, as the NAT supplied DNS proxy agent cannot bind to my local network NIC, since the server installed DNS server gets it first. I have figured out how to make things work freeing up the processor load considerably. In Routing and Remote Access, navigate to “Routing and Remote Access\<servername>\IP Routing” and right click Network Address Translation (NAT) and select properties. Look under the Name Resolution Tab and remove the checkmark next to "Resolve IP Addresses for Clients using Domain Name System (DNS)". This action is what is being referenced rather unclearly in ME250603 where it says, "NAT (which is installed using routing protocols in the Routing and Remote Access Service (RRAS) snap-in) works correctly if you do not enable the DNS Proxy service or the DHCP allocator". Upon rebooting, the "unable to bind" error is not present. However, while client computers can ping local machines by name (having resolved them via WINS), they can only ping remote machines (on the Internet) by numeric IP addresses, as clients are unable to resolve remote names for pinging, with a "Bad IP address" error on the client. Even entering the DNS server address manually on the client machine does not work. To resolve this, in “Routing and Remote Access” navigate to “Routing and Remote Access\<servername>\IP Routing” and right click Network Address Translation (NAT) and select properties. Under the Address Assignment tab, remove the checkmark next to "Automatically assign IP addresses by using DHCP". This is also referenced unclearly in ME250603 where it says, "NAT (which is installed using routing protocols in the Routing and Remote Access Service (RRAS) snap-in) works correctly if you do not enable the DNS Proxy service or the DHCP allocator". Now install DHCP on the server and create/configure the scope as appropriate. I configured my scope for options 03, 06, 15, 44 and 46. This setup appears not to require the forced binding of the DNS proxy, but the DNS proxy is still set up and available. It appears that for local name resolution WINS is used, and for remote name resolution the proxy DNS is used. Works great for me, and no errors in the event log".
I had the same problem. I could connect to the internet from server (with cable connection), but from the clients only by IP. My server configuration is RRAS with NAT, DHCP, and DNS. The problem is the combination NAT and DNS. Solution: Stop DNS Services and enable DNS in properties NAT. On clients by internet-options, connections, LAN setting, make sure nothing is selected and proxy server is disabled. All clients will automatically connect to the internet by using NAT.
We have not been able to confirm it yet, but apparently, this error shows up when ICS (Internet Connection Sharing) is running on the DNS/DHCP server. These services are conflicting with ICS (see ME250603). ICS and NAT have a DNS proxy service and it conflicts with running DNS on the same machine. You should disable the DNS proxy by clearing a checkbox about providing DNS in the properties of the NAT/ICS config.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...