Tablets with ARM processors cannot complete CMROUTE.dll execution on VPN connection

Hi @Scott O'Brien

The error message indicates that the custom script to update the routing table is failing, likely due to compatibility issues or missing files. Here's how you can address it:

Workarounds and Solutions:

1. Dynamic Routing Script:
   • Since the client IP and gateway change dynamically, you can use a script to update the routing table manually after the VPN connection is established. For example, a PowerShell script can dynamically fetch the gateway and configure the route: Replace "10.0.0.0/16" with your desired route and "VPN Connection Name" with the name of your VPN connection.

$gateway = Get-NetRoute | Where-Object { $_.DestinationPrefix -eq "0.0.0.0/0" } | Select-Object -ExpandProperty NextHopNew-NetRoute -DestinationPrefix "10.0.0.0/16" -NextHop $gateway -InterfaceIndex (Get-NetAdapter -Name "VPN Connection Name").ifIndex

1. Check Compatibility:
   • Ensure that the VPN client you are using is fully compatible with ARM processors. Some VPN clients may not support ARM architecture, leading to issues with executing CMROUTE.dll.
   1. Alternative VPN Clients:
      • If the built-in VPN client is causing issues, consider using third-party VPN clients that are compatible with ARM processors and support custom routing.
      1. Manual Routing:
         • If scripting isn't an option, you can manually add routes after connecting to the VPN. Use the route add command in Command Prompt: Replace <gateway_ip> with the actual gateway IP obtained after connecting.

route add 10.0.0.0 mask 255.255.0.0 <gateway_ip>

1. Azure Point-to-Site Configuration:
   • If this is related to an Azure Point-to-Site VPN, ensure that the configuration files are correctly generated and downloaded from the Azure portal. Regenerate the VPN client configuration if necessary.
2. Logs and Diagnostics:
   • Check the logs in the VPN client directory (e.g., C:\Users\<YourUsername>\AppData\Roaming\Microsoft\Network\Connections\Cm\) for more details on why CMROUTE.dll is failing.

To create a script that dynamically configures the routes and resolve the issue with CMROUTE.dll execution. Since the gateway changes with each connection, we'll create a PowerShell script that automatically retrieves the current gateway and updates the routing table. Here's an example script for you:

PowerShell Script for Dynamic Routing

# Get the current VPN connection's gateway 
$gateway = Get-NetRoute | Where-Object { $_.DestinationPrefix -eq "0.0.0.0/0" } | Select-Object -ExpandProperty NextHop
# Specify your destination subnet and prefix 
$destinationPrefix = "10.0.0.0/16"  # Replace with your required destination# Get the VPN connection's interface index 
$interfaceIndex = (Get-NetAdapter -Name "VPN Connection Name").ifIndex  
# Replace with your VPN connection name# Add the route to the routing table 
New-NetRoute -DestinationPrefix $destinationPrefix -NextHop $gateway -InterfaceIndex $interfaceIndexWrite-Host "Route added successfully: $destinationPrefix via $gateway" 

Steps to Use the Script

1. Replace "VPN Connection Name" with the name of your VPN connection. You can find the connection name by running the following command:
2. Replace "10.0.0.0/16" with the IP range you want to route through the VPN.
3. Save the script to a .ps1 file, such as DynamicRoute.ps1.
4. Run the script every time you connect to the VPN by launching PowerShell with administrative privileges.

Automating the Script

If you'd like to run the script automatically after the VPN connects:

1. Use Task Scheduler:
   • Create a task triggered by the VPN connection event.
     • Point the task to execute the PowerShell script.
     1. Edit the CMP File:
        • Replace the failing CMROUTE command in the .cmp file with a call to the PowerShell script:

powershell.exe -File "C:\Path\To\DynamicRoute.ps1"
Get-NetAdapter

 Kindly let us know if the above helps or you need further assistance on this issue.