DHCP RAS connections

Hey now.

I'm getting strange entries in my Win 2000 DHCP Address Leases. I don't have RAS enabled on this machine, and I'm not using routing and remote access.  I am, however using Remote Desktop (but closed on the firewall). But I'm still seeing 3 entries showing RAS instead of a MAC address, 2 have the same machine name and 1 is unique.

I've changed my login name and password last week but still see new leases popping up today.

Can someone please explain to me how this is possible? And what I can do to prevent it?

Thanks in advance for any help.
chrisfuzyAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
JamesDSConnect With a Mentor Commented:
chrisfuzy
The RAS service runs on your DHCP client and will simply hunt round the network for a DHCP server. The server itself is irrelevant to RAS - it simply sees whats available and takes an IP for each RAS port.

Try looking in your WINS database for the IP address - you may at least be able to get the username of the last logon

Cheers

JamesDS
0
 
ZakDaddyCommented:
Are the 3 machine names you mention from within your network, or foreign?

What is the timing of the leases you see showing up mysteriously?  Default lease assignment for Win2k DHCP is 8 days, I'm sure you know that - but if any machine is issued an 8 day lease it will attempt to renew after half the time is expired.  

Sorry to answer a question with more questions, but the more info we have the more people might be able to do with it...
0
 
chrisfuzyAuthor Commented:
I believe they're from our network....In other words I've seen them with regular leases before. I have lease expiration set for 7 days, and the leases for those three machines expire one week from today.
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
JamesDSCommented:
chrisfuzy

One of the machines on your network has RAS switched on and the RAS service automatically gets an IP address from the DHCP server when it starts.
To find the culprit.

run from your command line:
NBTSTAT -a <insert target hostname here>

this will return a table which usually contains the username of the person logged on and hence a probable culprit.

Cheers

JamesDS
0
 
chrisfuzyAuthor Commented:
Tried it this morning, no luck. Got back "Host not found". I guess that means they're not logged on at the moment, so I'll keep trying throughout the day.

I'm still not clear as to how they can log on using RAS if it's not running on the DHCP machine, though.
0
 
mrfixit22Commented:
When a client is offered and accepts an IP address a 'lease' is created for x amount of days. To view current leases perform the following:

Start the DHCP MMC snap-in (Start - Programs - Administrative Tools - DHCP)
Expand the server
Expand the scope whose leases you wish to view
Select the 'Address Leases' branch and in the right hand window you will see the current lease details.
It will give details of the IP address, client name and the lease expiration date. Expired leases are also shown for approximately one day but have a dimmed icon. This grace period protects a client lease in the event of the client and server being in different time zones, clocks not synced or simply offline.

A known problem exists with the Windows 2000 DHCP server that causes the server to ignore a lease release request from a client on another subnet because releasing the lease causes the DHCP server to use its own IP address instead of the client's. This problem occurs if you haven't defined a scope for the DHCP server's primary interfaces local subnet. To work around this problem, create a scope for the local subnet (you don't have to activate it).

You can also manually delete the leases. Perform the following steps:

Start the Microsoft Management Console (MMC) DHCP snap-in (Start, Programs, Administrative Tools, DHCP).
Select the Scope that contains the leases to be deleted.
Select the Address Leases container.
Right-click the lease to be deleted and select Delete.
Click OK to the confirmation.

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.