Solved

DHCP RAS connections

Posted on 2004-04-13
6
570 Views
Last Modified: 2008-03-10
Hey now.

I'm getting strange entries in my Win 2000 DHCP Address Leases. I don't have RAS enabled on this machine, and I'm not using routing and remote access.  I am, however using Remote Desktop (but closed on the firewall). But I'm still seeing 3 entries showing RAS instead of a MAC address, 2 have the same machine name and 1 is unique.

I've changed my login name and password last week but still see new leases popping up today.

Can someone please explain to me how this is possible? And what I can do to prevent it?

Thanks in advance for any help.
0
Comment
Question by:chrisfuzy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 1

Expert Comment

by:ZakDaddy
ID: 10817959
Are the 3 machine names you mention from within your network, or foreign?

What is the timing of the leases you see showing up mysteriously?  Default lease assignment for Win2k DHCP is 8 days, I'm sure you know that - but if any machine is issued an 8 day lease it will attempt to renew after half the time is expired.  

Sorry to answer a question with more questions, but the more info we have the more people might be able to do with it...
0
 

Author Comment

by:chrisfuzy
ID: 10819014
I believe they're from our network....In other words I've seen them with regular leases before. I have lease expiration set for 7 days, and the leases for those three machines expire one week from today.
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 10820878
chrisfuzy

One of the machines on your network has RAS switched on and the RAS service automatically gets an IP address from the DHCP server when it starts.
To find the culprit.

run from your command line:
NBTSTAT -a <insert target hostname here>

this will return a table which usually contains the username of the person logged on and hence a probable culprit.

Cheers

JamesDS
0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 

Author Comment

by:chrisfuzy
ID: 10822765
Tried it this morning, no luck. Got back "Host not found". I guess that means they're not logged on at the moment, so I'll keep trying throughout the day.

I'm still not clear as to how they can log on using RAS if it's not running on the DHCP machine, though.
0
 
LVL 16

Accepted Solution

by:
JamesDS earned 500 total points
ID: 10822858
chrisfuzy
The RAS service runs on your DHCP client and will simply hunt round the network for a DHCP server. The server itself is irrelevant to RAS - it simply sees whats available and takes an IP for each RAS port.

Try looking in your WINS database for the IP address - you may at least be able to get the username of the last logon

Cheers

JamesDS
0
 
LVL 5

Expert Comment

by:mrfixit22
ID: 10823875
When a client is offered and accepts an IP address a 'lease' is created for x amount of days. To view current leases perform the following:

Start the DHCP MMC snap-in (Start - Programs - Administrative Tools - DHCP)
Expand the server
Expand the scope whose leases you wish to view
Select the 'Address Leases' branch and in the right hand window you will see the current lease details.
It will give details of the IP address, client name and the lease expiration date. Expired leases are also shown for approximately one day but have a dimmed icon. This grace period protects a client lease in the event of the client and server being in different time zones, clocks not synced or simply offline.

A known problem exists with the Windows 2000 DHCP server that causes the server to ignore a lease release request from a client on another subnet because releasing the lease causes the DHCP server to use its own IP address instead of the client's. This problem occurs if you haven't defined a scope for the DHCP server's primary interfaces local subnet. To work around this problem, create a scope for the local subnet (you don't have to activate it).

You can also manually delete the leases. Perform the following steps:

Start the Microsoft Management Console (MMC) DHCP snap-in (Start, Programs, Administrative Tools, DHCP).
Select the Scope that contains the leases to be deleted.
Select the Address Leases container.
Right-click the lease to be deleted and select Delete.
Click OK to the confirmation.

0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article shows how to use a free utility called 'Parkdale' to easily test the performance and benchmark any Hard Drive(s) installed in your computer. We also look at RAM Disks and their speed comparisons.
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question