?
Solved

Strange Remote desktop connection problem

Posted on 2008-10-10
3
Medium Priority
?
336 Views
Last Modified: 2013-11-21
Our setup is the following :

A remote site, hosting 2 physical servers (Windows 2003 R2 SP2) lets call them sgood and sbad. Each one has a different Public IP, although theyre behind the same router.
Our company uses sgood and sbad for similar purposes, all of them using remote desktop connections.
Normally our users would start rdp in any or both servers, and use some applications, including office 2007. We have been using this scheme for years.
For reasons we still dont understand, this week, connections from inside the company to sbad, started having problems, while connections made to sgood still worked. The strange thing is that connections started from outside the office to both sbad and sgood work just fine, so the only problem we have is related to connections to sbad from inside the office.
The problem seems to lessen while the number of users connected goes down, but this is puzzling because weve had much higher workloads and theres never been a problem.
We suspected on the firewall/router, changed it and still have the problem. Remember that any connection from outside the office works fine.
Resetting the server, firewalls, routers didnt help. Packet monitoring between both ips, shows normal 3389,  and other standard protocols used in this type of connection.
We may discard a network interface problem since on one hand, connections from outside the office work fine, and on the other, connections from inside the office to sgood, work just fine.
I suspect of a routing problem betwen office ip, and sbad ip, is that possible ?
Any ideas ?
0
Comment
Question by:jsonnenvzla2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 6

Expert Comment

by:kavlins
ID: 22691204
Is that Cisco routers at both sites ? If yes , how do u connect to remote site from inside and outside office ? Cisco VPN Client ? Give more info....
0
 

Accepted Solution

by:
jsonnenvzla2 earned 0 total points
ID: 22691870
Thanks Kavlins. First an update : we decided to change sbad's public ip address, even to a different subnet, and the problem was solved inmediately. It seems there definetly was a routing problem. I actually don't know which router is on the far side, our's is either a Fortinet 50b, or a small d-link (we tried with both, and it was the same). Anyway i'd love to see posted exactly what happened, and how to discover the problem with some tool , points are still available
0
 
LVL 1

Expert Comment

by:culverfranchising
ID: 22807565
What troubleshooting did you attempt with the 50b?  I would try running a packet capture, and then exporting that capture to a pcap file for viewing in Wireshark.  I would also manual set the interface speed of the NIC on the server in question to the desired speed.  I have seen autonegotiate fail occassionaly and produce strange results.

Checkout the following Fortinet Knowledge center article on using the built in sniffer to the product.

http://kc.forticare.com/default.asp?id=1186&Lang=1&SID=

You will need the Perl libraries installed in order to change the output into a pcap file for use in Wireshark.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip is around source server preparation. No migration is an easy migration, there is a…
Know what services you can and cannot, should and should not combine on your server.
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question