Solved

SBS 2003: Remote Web Access suddenly inaccessible

Posted on 2006-10-24
30
425 Views
Last Modified: 2008-01-09
Have SBS2003 with the latest updates applied.  
Am running DHCP on the Netgear router which is configured using UPnP.
All setup using the to do list wizards and all working fine.
Every now and again (cant assign any particular frequency) remote web workplace becomes inaccessible (page cannot be displayed) with no errors reported.
Web accessa and email work fine.
As soon as I rerun the Internet connection and Remote working wizard everything works fine again.

Nothing is being changed on the router or server manually so I don't know why this is stopping working and what by running the wizards again is fixing it.  

I cannot leave it in this state as the only way to fix is to be on site with the server.  There are similar symptoms reported in other posts but all seem to be caused by someone having changed something.  As this is happening regularly I'm sure its a technical rather than user problem.  

My suspicions are around router settings (port assignments being lost) or DHCP but points go to the person who can explain why this is happening regularly and advise a fix.
0
Comment
Question by:pedsteruk81
  • 15
  • 13
30 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
I would NOT run DHCP on the router, but instead have it running from your SBS.  

Please, though, post a complete IPCONFIG /ALL from the server so we can take a look at your settings.

Jeff
TechSoEasy
0
 

Author Comment

by:pedsteruk81
Comment Utility
Cant post any details from the server at the mo as not on localtion and remote access is down:)

Please no statements without valid reasons\explanations.

What information do you hope to get from the IPCONFIG results?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
pedsteruk81,

I realize you are new to EE... and welcome!  But I don't believe I made a statement, other than my opinion that I wouldn't run DHCP on the router... which I'll be happy to validate for you if you like... but I'd prefer to do so after seeing more information.

My request for a complete IPCONFIG /ALL was not a statement.  It was a request for more information so that I can at least have a very basic idea of what you're looking at.  I make this request for ANY question that involves a networking or connectivity problem.

While there is nothing in an IPCONFIG /ALL that would compromise the security of your network (this is the most often requested output in any support forum), there may be items which would provide your identity and therefore compromise your privacy if that is of concern.

Therefore, if you feel that it's necessary, you can modify the domain name, but please only modify anything that is identifiable to something generic.  Such as changing TechSoEasy.local to MyCompany.local.  If you have any public IP addresses, please just replace the last two octets with ***.***, and some people do not like to have the MAC (Physical) address shown... if you like, just modify he last few sections of these to **-**-**.

Thanks!

Jeff
TechSoEasy
0
 

Author Comment

by:pedsteruk81
Comment Utility
I think you misunderstand me so lets start again.

I'm not new to EE nor am I new to computing.

What I'm not interested in in this post is people making statements that don't actually fix the problem (seen too much on EE for my liking).  If you think my problem is because I'm running DHCP on the router then that's a different matter.

I know your request is not a statement and my point is tell me what you want to know and maybe I can answer in the absence of me being able to run the IPCONFIG as I'm not actually at the server.

I'll be getting the thing back up tomorrow am but cannot remote on from my office (firewall stuff) so any information (settings checked) based on the actual server will have to wait till the evenings.

Thanks,
Dave
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
Dave,

Sorry if I mistook the fact that your account was created today did not mean that you were new to EE.

I also didn't mean to imply by my explanation that you were new to computing.  You asked for reason/explanation and I provided it.

The information that I need to see is pretty much EVERYTHING that's in an IPCONFIG.  I'm not looking for just one item, but rather wanting to see the entire configuration so that I can see if there are any problems with it.

If it's not easy for you to provide, then I would think we'll have to wait. Otherwise, there is no definitive way to know what the problem is.  There are just too many variables to make any kind of supposition and being able to at least see your IPCONFIG will help to either eliminate or confirm many of those.

My only "guess" at this point would be what I've already stated... that DHCP running on your router is generally not a good idea.  For any number of reasons, but mostly because it's probably not providing WINS information to the network which would cause communication to drop on a regular basis as different leases time-out.

Jeff
TechSoEasy
0
 

Author Comment

by:pedsteruk81
Comment Utility
Was after an explantion of of the DHCP statement not IPCONFIG.

Cant get the server up untill Staurday morning (28th).

I have all the confguration documented so may be able to give you an idea but if its better to wait then so be it.

What leases would the remote services use?  Anyone connected to the network can access emails\internet its just the remote stuff that goes down.

My gut feeling is the router is losing the firewall config thus the ports are closed.  Re running the wizards open them up again.  Anyway we an check this now?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
Sorry, I missed your last post here... so have you had any luck?

Regarding your question about what leases does remote services use?  http://support.microsoft.com/kb/292822/ explains a bit about this.

The only way to see if your theory of the router losing the firewall config would to not rerun the wizard and just look at your router's control panel.

Jeff
TechSoEasy
0
 

Author Comment

by:pedsteruk81
Comment Utility
Unfortunately have not been able to get someone on site.  So looks like tommrrow.

Thanks for the update, that is the plan when i get at the box and if a manaully open the ports and it all works then all good.  Was hoping there was a way to prove this remotely?

Either way not to worry and will update once have made some progress.

Thanks,
Dave
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
The only to do this remotely would be if remote management was enabled on your router (usually port 8080)

Jeff
TechSoEasy
0
 

Author Comment

by:pedsteruk81
Comment Utility
Ok server is up by re running the wizards again.

Having looked through the event log have come accross a few RemoteAccess warnings with ID 20084 this may be related but does not seem to be whats brining it down as it works post these errors:
The Remote Access Server will stop using IP Address 10.128.1.11 (either because it was unable to renew the lease from the DHCP Server, the administrator switched between static address pool and DHCP addresses, or the administrator changed to a different network for DHCP addresses). All connected users using IP will be unable to access network resources. Users can re-connect to the server to restore IP connectivity.

As requested
Windows IP Configuration

   Host Name . . . . . . . . . . . . : Server1
   Primary Dns Suffix  . . . . . . . : server1.mycompnay.co.uk
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : Server1.mycompnay.co.uk
                                       mycompnay.co.uk
                                       co.uk

PPP adapter RAS Server (Dial In) Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
   Physical Address. . . . . . . . . : 00-53-45-**-**-**
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 10.128.1.17
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Server Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-14-22-**-**-**
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 10.128.1.10
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.128.1.1
   DNS Servers . . . . . . . . . . . : 10.128.1.10
   Primary WINS Server . . . . . . . : 10.128.1.10

0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
Well, your problem is that you've installed your server with an incorrect domain name.  Your INTERNAL domain really has nothing at all to do with your PUBLIC domain name, and since Active Directory recognizes co.uk as a FQDN, the use of mycompany.co.uk has actually created a child domain space which is not supported by SBS.

This is why your DNS search suffix list contains additional items (Server1.mycompany.co.uk and co.uk) as these would normally not be in a correct output.

You haven't mentioned how long this server has been deployed, but it's a wonder that it has functioned at all with this configuration.  

I'm afraid that the only way to correct this is a full reinstallation of your SBS since you cannot rename a domain with Small Business Server.  You'll see some backup conversation about this here:  http:Q_21054342.html

Jeff
TechSoEasy
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
One other note... you stated that "remote access was down" but I'm not sure that any of these problems would have prevented you from accessing your server via Remote Desktop (Terminal Services) which is enabled on SBS by default for Administration purposes only.  You would need to have port 3389 open on your router though.

Jeff
TechSoEasy
0
 

Author Comment

by:pedsteruk81
Comment Utility
Thanks for that.  The server has been running without problems (except the remote access) for almost 12 months.

As you mention its does not seem that this configuration is what is causing the remote access problem.  All ports are open and everything works 100% then without error all remote access services just stop I.e TS, Remote web workplace.  Can you offer any assistance on this problem?

Also can you supply some information regarding the potential problems with this configuration?

0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
Have you attempted to use your IP address for remote access?  ie, https://123.456.789.01/remote ??  or using the external IP in an RDP connection?

Jeff
TechSoEasy
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:pedsteruk81
Comment Utility
Yes
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
And what about internally?  From the server itself, what happens when you go to http://localhost/remote?  

Jeff
TechSoEasy
0
 

Author Comment

by:pedsteruk81
Comment Utility
I'm not 100% sure as but i think it does not work.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
how about being 100% sure by checking and then letting us know.  

Jeff
TechSoEasy
0
 

Author Comment

by:pedsteruk81
Comment Utility
Only problem with that is i need to wait untill it breaks again and then be on location to test....

I have repalced to UPNP configuration with static port forwardings on the router so if my gut was right it wont go down again.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
Okay... I'm going to take a stab at this then and guess that when it does break (which should be at the end of your DHCP lease which you have apparently left running on your router)...  you should still be able to access the main menu of RWW but you will not be able to reach individual desktops.

This is because, as I stated at the very beginning of this thread, your workstations are not getting the proper networking information from your router via DHCP.  I'd also suspect that your server may not be getting the proper information into DNS as well because of this.

I've never found any good reason to keep DHCP running on a router and there are tons of reasons to let SBS handle it.

If you'd like to move it there, please see the lower part of the page at this link which will tell you how:  http://sbsurl.com/dhcp

Jeff
TechSoEasy
0
 

Author Comment

by:pedsteruk81
Comment Utility
Thanks Jeff.  

I will look at changing it over if it continues to play up but unless I can link it to this problem I am reluctant to change things.  You mention I should be able to reach the main menu of RWW but this is not the case which I why I don't think this is my problem.

Workstations only get an IP and thus the networking information after the connection has been made however my problem is pre this stage (hitting the website) and the internal machines are not effected.

You mention the server not getting the proper information into DNS  and surely this is something that can be checked and verified?  I can see why you may think its lease related however I would expect to see a pattern in the time between failures which is not the case.

There was only one reason for using DHCP on the router over the server and that was to be able to allow visitors to use the office internet connection whilst being segregated from the server itself and the company workstations.

Dave
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
Well, I think there are two problems, and they are related.

The fact that you say your workstations ONLY get an IP is a problem.  They should be also be getting the following information through DHCP:
Router 10.128.1.10
DNS Servers 10.128.1.10
DNS Domain Name mycompnay.co.uk
WINS/NBNS Servers 10.128.1.10
WINS/NBT Node Type 0x8

The other problem is your use of a .co.uk domain name which I've already pointed out.

Your reasoning for using DHCP on the router is misguided.  Visitors could still use the office Internet connection and they would get an IP from the DHCP service running on the SBS.  DHCP doesn't care whether or not the request is made by a domain member.

Jeff
TechSoEasy
0
 

Author Comment

by:pedsteruk81
Comment Utility
Sorry that was a typo - of course the workstations are getting all of the information.  My point was this wont happen (for a remote PC) until after the connection is made through RWW and my problems are pre this stage.

We have not identified any actual problems with the .co.uk domain name.

There is obviously more to it and I appreciate a machine does not need to be a domain member to get an IP.  Via the router you can create totally isolated IP ranges so non domain machines cannot access domain resources.  You may very well be able to implement the same thing using SBS DHCP.

I'm not saying your wrong with regards to changing however need a valid reason and proof this is what is causing the problem.

Nothing we have spoke about has actually addressed the problem reported.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
"My point was this wont happen (for a remote PC) until after the connection is made through RWW and my problems are pre this stage."

Can you explain what you mean by this?  Because RWW is NOT a VPN connection.  The remote machine NEVER will get any info from DHCP through RWW.  

Again your reasoning about the isolated IP range is misguided as well.  Non-domain computers cannot access domain resources because they aren't authenticated.  Then CAN however receive a valid IP address and Internet access.

Jeff
TechSoEasy
0
 

Author Comment

by:pedsteruk81
Comment Utility
Yes your right.  The point I'm trying to make is that you believe the problem is DHCP lease related  but I fail to see the connection with regards to the RWW not working -  As you said 'The remote machine NEVER will get any info from DHCP through RWW'.  My thinking was in relation to your comment 'you should still be able to access the main menu of RWW but you will not be able to reach individual desktops' which is not the case with my error.

So its clear all remote services are effected RWW, RDP & VPN.

I sure I read something with regards to SBS allocating a IP for remote communications between server and remote sessions but this is going beyond my understanding and my memory of this is vague.

I'm not so sure as its a matter of security levels - In your example non-domain computers can see domain resources and with provided credentials can access.  In my example they cannot even see each other so the network is more protected.
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
Comment Utility
The connection with RWW is that I had thought you were having a problem connecting to LAN workstations from the RWW main menu.  I apparently misunderstood this point.  If you were having that problem then DHCP definitely can be a cause.

Is it clear that all remote services are unavailable to you?  You cannot access your server using RDP?  (There is NO IP allocated for this, so it's not really as you are thinking).

At any rate... all of this conversation is totally academic at this point... if you'd just move the DHCP service to your SBS then your problems would be solved.

Jeff
TechSoEasy
0
 

Author Comment

by:pedsteruk81
Comment Utility
But I want to know why it would be solved....what's causing the problem?  You need to explain what its fixing before I can accept your answer and change things around.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
Sorry... I follow best practices so that I don't have to figure stuff like this out.  Really... I don't find it to be productive.  You certainly don't have to accept my answer, even though it will resolve your problem.

Jeff
TechSoEasy
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Suggested Solutions

In the event you manage a Small Business Server 2003, and you are audited for PCI compliance, there are several changes you must make in order to pass the audit. I can take no credit for discovering any of these fixes or workarounds, but there is no…
Introduction At 19:33 (UST) on Tuesday 21st September the long awaited email arrived with the subject title of “ANNOUNCING THE AVAILABILITY OF WINDOWS SBS 7 PREVIEW”.  It was time to drop whatever I was doing and dedicate as much bandwidth as possi…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now