Critical network issues with client

Posted on 2007-04-10
Medium Priority
Last Modified: 2013-11-09
A small issue has now escalated into a large one!

Our CEO uses a Dell X1 laptop, docking in between his two offices and home office. The laptop runs Win XP SP2 and is configured as a non domain client as per his request.

He appears to be suffering random network disconnects, causing the machine to hang for several seconds, his AOL client (Yes I know) to disconnect, and half the icons on his desktop reset to default.(Including locally installed apps) After 10 seconds or so, the adaptor appears to reset all reverts back to normal. This happens on both the LAN connection, AND a secondary wireless conection we set up for him.

The laptop has to be the issue, but he is adament that its not. (He does not suffer this problem at any other site) Due to this, we are not allowed to touch it.

Other than the pitfalls of having AOL installed on the laptop, the only other problem I can think of is Sophos. We run a Sophos server that deploys updates to clients, but the CEO's laptop uses a standalone version that updates from the net. Is it possible that the network deploy of Sophos is to blame somehow by interfering with his standalone install?

I've now been told to get external consultants in to 'fix' our network. You can see my fustration, as we cannot troubleshoot the machine itself. Does anyone have any idea what could be the problem?

The points reflect the problem, as a solution will stop us being marched outside and birched. I can provide any information requested.

20 Win 2003 Servers
2 x Sonicwall 5060
Cisco 7200
Procurve Switches
Question by:AdamJPeters
  • 3
  • 3
  • 2
  • +1
LVL 78

Expert Comment

by:Rob Williams
ID: 18882746
I suspect the problem is the AOL connection. AOL and VPN's do not get a long. Google those 2 and you will see an FAQ on every University site for the students such as the following:
"When connected to the VPN, AOL disconnects after few seconds. This
happens because of a "connection keepalive" sent by AOL. When
connected to the VPN, the AOL server doesn't recognize that the
connection is now being sent through the VPN, and is led to believe that
the machine is no longer connected to its network. Since it no longer sees
the client, it disconnects the session. This is expected behaviour from AOL
connected clients. AOL does not claim to provide any support for VPN on
their infrastructure. Use a different ISP if you need to connect to the UoN
From: http://www.nottingham.ac.uk/is/support/knowledgebase/guides/IS1507.pdf

Expert Comment

ID: 18882750
The problem might be a conflict between both the network adapter and the wireless connection. Try using only one of them (ask the CEO to disable one adapter and use only one at a time); that will pin-point which adapter, if any, is faulty...

Author Comment

ID: 18882868

SPOued - Already tried that, it was the only thing I was allowed to touch! Currently he's back on the LAN connection with the wireless disabled, but this problem occurs in either config.

RobWill - Interesting. Our main office has about 6 VPNs configured via our Sonicwalls. When the CEO is in London or at home, the LAN's their have no VPN capability.

Question - Why would AOL try to send keep alives down the VPN tunnels to other sites? When in the main office, he only really needs access to the gateway and his LAN printer. Why would AOL start firing packets down the VPN tunnels?

I'm getting to the point where I'm going to assign a new interface on the Sonicwall and give him his own subnet.
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

LVL 78

Expert Comment

by:Rob Williams
ID: 18883207
As to how and why AOL works I am afraid I have no idea. I have never had the good fortune to deal with them. However I pointed that out as I had the impression above that this occurs primarily with the AOL connection. AOL and VPN issues are very common and well known problem.

Sorry, not quite sure what you mean by; "RobWill - Interesting. Our main office has about 6 VPNs configured via our Sonicwalls. When the CEO is in London or at home, the LAN's their have no VPN capability."
LVL 17

Expert Comment

ID: 18883414
Please check the event viwer deatils of boss laptop and which AOL version you are using..?
Iam not giving any differnet answer only adding the comments with ROB WILL ..chcek this URL -http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_qanda_item09186a00801c2dbe.shtml



Author Comment

ID: 18883468
Thanks Guys

Rob - He doesn't use a VPN connection at all, he connects directly to the gateway. We do have point to point VPN connections on our firewalls to other offices, but not ones he frequents.

I'm setting up a different subnet for him tonight to see if that helps.

kadadi - I did try to access the event log onh is laptop, but he threatened to cut my fingers off! Can't access it remotely as he is off the domain and had his own admin password. See how hard my life is!
LVL 78

Assisted Solution

by:Rob Williams
Rob Williams earned 800 total points
ID: 18883529
Sorry AdamJPeters, for some reason I got off on the wrong foot assuming he was connecting to the corporate office by VPN. Not sure why, as there is no mention of it above.

Can't say I envy you, it must be the laptop or his connection, but he won't let you have access to troubleshoot it !!!

Accepted Solution

SPOued earned 1200 total points
ID: 18883557
I think that above solving this problem, your CEO needs to understand the procedure one has to go when troubleshooting. You don't go straight accusing a network to be faulty while a client machine has not been investigated and decided that it's not the cause of the problem.
I understand your situation whereby, a CEO or any other senior executive tries to turn your life to hell with this kind of behavior.
My two cents are that there have been at some point some loss of confidence from the CEO to the capabilities of the IT team (which eventually leads him to consider contracting an external consultant for this problem). In this situation, you need to firmly lay things down with him and let him understand that as long as he keeps preventing you from doing your job properly (like investigating on his portable) then he should bear full responsibility of any problem that might just happen.
Now, creating a subnet for him alone, may still help in detecting what's faulty, but i'd suggest you try to take a closer look at what's different between the other sites where he pretends he has no problem connecting to and yours.

Author Comment

ID: 18888466
Both of you guys are right, its not a good environment to worj in, and you have confirmed my feelings. I've awarded points to suit, as there is no real definative fix.

He's running on his own subnet now, so fingers crossed all will be okay. I'll be keeping an eye on Sophos though. He runs his own client version which has already hung on him this morning.


Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
An article on effective troubleshooting
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses
Course of the Month15 days, 3 hours left to enroll

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question