?
Solved

Can not access Remote access server

Posted on 2007-10-08
16
Medium Priority
?
1,006 Views
Last Modified: 2012-06-21
We have 2 Remote access servers on our network which have been working fine. I can no longer VPN int one of them using the PPTP connect we use. I tried comparing the 2 server setting in the routing and remote access screen (IP Routing) and found on the one that works it has a loopback a LAN, and a Internal also the same on the one that dosen't work. The difference is the one that works on the internal interface it has an IP address, the administrative staus is UP and the operational status is connected. on the one that does not work the internal interface does not have an IP address (Not available) , the administrative staus is unknown  and the operational status is non operational? Every thing was working unti we tried to change our firewall. We were using a PIX 506 and was going to a AA5505. All we did was unplug the Ethernet cable and the WAN cable. We found some things we not working, so after a while we decided to go back to the original PIX's until we could straighten the ASA's out. Now everything works except We can not connect to the one Remote Access Server
0
Comment
Question by:nestey
  • 9
  • 7
16 Comments
 
LVL 10

Expert Comment

by:Phadke_hemant
ID: 20036213
can you please paste the ip configuration for both the servers?
0
 

Author Comment

by:nestey
ID: 20036594
Do you mean from the TCP/IP properties?
0
 
LVL 10

Expert Comment

by:Phadke_hemant
ID: 20037967
ip configuration is shown in TCP/IP properties.
jusy open command prompt, use command ipconfig /all and paste the output
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:nestey
ID: 20037980
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator.NTSERVER1>ipconfig/all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : mapna1
   Primary Dns Suffix  . . . . . . . : ntserver1.pna.com
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : ntserver1.pna.com
                                       pna.com

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : D-Link DGE-530T Gigabit Ethernet Adapter
   Physical Address. . . . . . . . . : 00-0F-3D-F1-D8-55
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.0.5
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.9
   DNS Servers . . . . . . . . . . . : 192.168.0.10
                                       192.168.0.5
   Primary WINS Server . . . . . . . : 192.168.0.5
   Secondary WINS Server . . . . . . : 172.28.98.33

C:\Documents and Settings\Administrator.NTSERVER1>
0
 
LVL 10

Expert Comment

by:Phadke_hemant
ID: 20037995
for server2?
0
 
LVL 10

Expert Comment

by:Phadke_hemant
ID: 20038002
is your server a DNS server?
please also check your Node settings -
http://support.microsoft.com/kb/160177
0
 

Author Comment

by:nestey
ID: 20038014
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator.NTSERVER1>ipconfig/all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : manotes1
   Primary Dns Suffix  . . . . . . . : ntserver1.pna.com
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : ntserver1.pna.com
                                       pna.com

PPP adapter RAS Server (Dial In) Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
   Physical Address. . . . . . . . . : 00-53-45-00-00-00
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.0.103
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : HP NC7782 Gigabit Server Adapter #2
   Physical Address. . . . . . . . . : 00-14-C2-C1-5E-69
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.0.30
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.9
   DNS Servers . . . . . . . . . . . : 192.168.0.10
                                       192.168.0.5
   Primary WINS Server . . . . . . . : 192.168.0.5
   Secondary WINS Server . . . . . . : 172.28.98.33

C:\Documents and Settings\Administrator.NTSERVER1>
0
 
LVL 10

Expert Comment

by:Phadke_hemant
ID: 20038047
please assign an IP address to the internal interface for the problem server and then check
also chek with the firewall rules, whether something is missing for the problem server
0
 

Author Comment

by:nestey
ID: 20038056
This second server works it has a PPP adapter which I do not see on the other one. The other one worked until last night. We were going to switch from a PIX 506 to a new ASA5505. I had someone configure the ASA but when we moved the cables from the pix to the ASA some things were not working? Could not receive mail or VPN into our servers. We decided to put the WAN and LAN cables back on the PIX everything works except I can not PPTP into this server but I still can use the PPTP connection into the backup one (server2). I want to think it's because there is no PPP adapter? When I go to start administrtive tool routing and remote access and select general under IP routing the inside interface says Not Available  Unknown and Non-operational. If I look under DHCP there are there are 20 Icons with the computer and a little phone 10 pointing to one remote access server and the other 10 pointing to the other. It's like it has not inside route to RAS pool?
0
 

Author Comment

by:nestey
ID: 20038064
I guess that is what I am asking How do I assign the IP address for the internal interface?
0
 
LVL 10

Expert Comment

by:Phadke_hemant
ID: 20044921
do it through properties of My Network Places and not through RRAS management
0
 

Author Comment

by:nestey
ID: 20045025
I think I'm confused, I have 2 adapters listed in properties of My Network Places. One is disabled and has always been (there is nothing plugged into it) the other is the one in use which has the static IP of 192.168.0.5  I can't change this address as it is the IP of the machine. There is a route in my pix that points our public IP we use for VPN to the .5 address which use to assign another DHCP address which was one of the 10 listed in DHCP with the little phone icon.
0
 
LVL 10

Accepted Solution

by:
Phadke_hemant earned 2000 total points
ID: 20045514
there is something wrong on the firewall itselft. some route or rule is misconfigured....
can you test your other server by using 0.5 address to it temporarily abd connecting to the same cable as the problem server is? if you can just check for few minutes and verify whether same problem exists with the other server also.
0
 

Author Comment

by:nestey
ID: 20045628
I probably can not try this till later on in the week or this weekend. The .30 (our working server) is our mail and workflow server so it is hard to take it down. I hear what you are saying but as I said before we did not change anything just unplugged LAN and WAN cables from PIX and plugged them into the ASA then plugged them back into the PIX after we had issues with the asa.
I am not able to ping the public address from the outside world, but if I put a laptop in front of the firewall I am able to ping it which says to me that it is in the PIX but  I have been working with Cisco for the last 2 days and they looked at the PIX and they say everything looks fine?
I'm still confused on why I do not see a PPP adapter RAS Server (Dial In) Interface on the non working server? Like I said I did not setup the RRAS but I did try to install it on a spare server I have and after going thru the RRAS wizard that machine also doed not have a PPP adapter RAS Server (Dial In) Interface, any idea what I'm doing wrong? How does the PPP adapter RAS Server (Dial In) Interface get added to a server?
0
 

Author Comment

by:nestey
ID: 20053588
From inside my network I setup a pptp connection from my vista laptop to the IP of the machine and it connected via pptp.
Next I pulled the working server .30 offline an added the .30 address to the ip configuration TCP/IP advanced setting on the non working  .5 machine. I tried to connect using the working IP public address which points to the .30 could not connect. I then removed the .30 and physically change the IP from .5 to .30 and tried again still can not connect. I put everything back the way it should be an the working server works and the non working server still does not.
Next on the PIX I removed the static pptp route and static port 47 route which points the non working public address to the non working server, I re added them using a different public aaddress still does not work. I then removed those static routes and put the original routs back still does not work.
0
 

Author Comment

by:nestey
ID: 20069883
Phadke_hemant:
 I am going to accept your answer for the misconfigured route as you were on the right trach . It was not misconfigured  but stupidity on my part. I totaly forgot that we had left the ASA plugged in to out outside router, even though it was not connected to our inside network it must have hug up the route in our AT&T router. I guess I didn't think since it had a different IP it would affect on any thing then I also just forgot it was even plugged in.

Thanks for all your help,
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question