Avatar of richlang
richlangFlag for United States of America asked on

Internet Access stops after a few minutes.

I have several clients communicate over a VPN to the main office to an SBS server.
There is a local 2003 Std server set up as a catalog server that they authenticate to.
If you reboot the local 2003 Std server the clients in the remote office can access the internet and all resources at the main office on the other side of the VPN.  Within about 5-10 minutes they loose access to the internet but can still ping the local server, and VPN gateway but not anything past the IP of the gateway.  I am trying to figure out what could be stopping them.  It works fine for a short period of time after rebooting the local catalog server.  By the way to browser on the catalog server will also stop working when the clients do as well.  After the reboot the local 2003 Std svr (catalog svr) will have IE access as well then it stops working.  Not sure where to look.  Can any one tell me what to look for?
SBSWindows XP

Avatar of undefined
Last Comment

8/22/2022 - Mon

The first place to look will be the event logs on both of the servers and check for events in the application and system logs at around the time the internet access stops.
Peter Hart

may sound daft - but maybe its 'screen saver' or 'idle timeout' on the internet?
when you first boot, have you tried to continually use the internet from the server to see if the timeout stops?

When the problem happens the VPN is still showing connected.  There is a Cayman Router in bridge mode with a Linksys VPN behind it.  The Linksys shows internet access and the VPN shows connected, but clients will losse access to the internet after about 5 minutes.  If I disconnect the VPN and put the Caymen in router mode providing NAT and DHCP the clients do not have a problem.
In this mode the clients login localy not to the domain.  The problem only happens when logging into the domain, you get about 5 minutes of internet access then it stops.   I am on the way there now I will post an update once I view the logs.
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.

I have two errors in the System log.
1) The application-specific permission settings do not grant local launch permission for the COM server application with CLISD to the user NT Authoritynetwork service SID. The security permission can be modified using the component service administrative tool.
2) the time provider NtpClinet is configureed to aquire time form one or more time sources, however none of hte sources are currently accessible. No attempt to contact a source will be makde for 1 minutes.

I did modify the com object to add both the service account and network service account according to MS TID on the same error (Remote launch, Local and Remote Activation).  The only other issue in the log occurs when access stops.  DNS not available, Replication errors etc.  without access to the DC SBS host this all seems nomal. What I can not figure out is why the access stops.  I can reboot the server and get about 3 minutes of IE then it stops.  The VPN still shows its live and connected, traffic is not stopped from the downstream office.

Reboot and you can force site replication and DNS works - 3 -5 minutes latter everything stops.
Same issue when you run Netdiag it seems fine then, shows connectivitiy errors when the connnection stops. Looks like a DNS issue at that point, but DNS is working fine after a reboot.

Its got to be a dns problem then surely, do you have a dns server at both ends of the VPN if not then get one set up.

There is a DNS server at both ends - SBS 2003 at the primary site and Svr 2003 Std at the remote site.
If it is DNS than why does it work when you reboot the 2003 Svr at the remote site for 5 minutes.
When it is up you can ping all IP's at both sites or use the FQDN as well so DNS is resolving.
You can also force a replication between sites then it will stop responding.

How can I check to find the real issue, if it is DNS than how can I verify?
I am not sure what to check.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.

On reading that I agree it doesnt sound so cut and dried.

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Peter Hart

good job.

I just experience a similar situation when migrated XP SP3 computer from ATT  VPN client to Cisco VPN client version 5.0.5.  The vsdatant device driver was the problem.  This is a Zone Alarm personal firewall driver that is embedded in the ATT VPN client solution AND the Cisco VPN.  On just a couple out of hundreds of computers we migrated, users would lose http access afteer a couple of minutes logging into the computer.  VPN was not activated.  

From what I saw the ATT VPN client has vsdatant.sys and .dll files that date in 2005 and the Cisco client uses a 2007 version of those files.  If the ATT client is installed, the driver doesn't get updated.  

My fix was to uninstall ATT VPN, uninstall Cisco VPN.  Boot to safe mode and delete the vsdata (Deivce Manager view hidden devices  non-plug and play drivers.   Deleted the vsdatant* files in the winodows\system32 directory.  Delete the registry key HKLM\Sysmtem\CurrnentControlSet\Services)
reboot, install Cisco VPN.  The 2007 version of the files are installed and http access keeps running.

Tip - telnet to www.hotmail.com 80  (http port)  to rule out any browser complications when testing http access.
Your help has saved me hundreds of hours of internet surfing.

Correction - don't delete y HKLM\Sysmtem\CurrnentControlSet\Services, but the vsdatant entry in that registry folder.  Sorry for the confusion