• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 598
  • Last Modified:

RRAS and RWW go down after reboot

I have a buggy SBS 2003 server that i took over administration for and It sometimes hangs and reboots .. after the server reboots everything starts working properly again.

except RRAS and RWW ... at the moment RRAS is more critical for me as the company president is on the road alot and needs to vpn in.

my server just rebooted and I am afraid i have the same problem again ... how do i verify RRAS is working and how can i fix it is not ?

the way i can immediately tell that VPN is down .. is when i open the task manager on the network tab .. it shows up as a separate interface when it is up and running and is completely missing when it is not there.

when i goto administrative tools -> routing and remote access .. the service is running but the ports are all inactive (about 5 of them)

another thing that i have noticed which has changed is the pictur below .. there was an ip address in the empty boxes

I am absolutely positive that this issue is not the firewall side because i verified all the ports are being forwarded correctly and vpn was working fine before the server reboot and nothing has been changed on the firewall

help please ??


0
Eng-
Asked:
Eng-
  • 3
  • 3
1 Solution
 
Jerry SolomonNetwork  AdministratorCommented:
There was a recent microsoft security update that really made a mess of SBS servers. It specifically messed up a bunch of listening ports, including RRAS.  There is a registry hack to fix it. the microsoft technet article is at:
http://blogs.technet.com/sbs/archive/2008/07/17/some-services-may-fail-to-start-or-may-not-work-properly-after-installing-ms08-037-951746-and-951748.aspx

See if that is the issue.
0
 
suppsawsCommented:
Hello Eng-,

I think the best thing is to cleanup the SBS and rerun most of the wizards so you have a stable server.
First run the BPA for sbs 2003, which can be found here: http://sbs.editme.com/SBSintro
Do everything it asks, rerun the wizards, clean the eventlogs and show the most important errors to me.

It could also be interesting to give an ipconfig /all of the server and one clients to see if the previous guy hasn't messed up that also.

Regards,

suppsaws
0
 
Eng-Author Commented:

I've followed both pieces of advice and still no change.

below is the ipconfig /all output for both the server and one of the clients if it helps.




**Windows IP Configuration for the server**



   Host Name . . . . . . . . . . . . :[servername]

   Primary Dns Suffix  . . . . . . . : [domain.local]

   Node Type . . . . . . . . . . . . : Unknown

   IP Routing Enabled. . . . . . . . : Yes

   WINS Proxy Enabled. . . . . . . . : Yes

   DNS Suffix Search List. . . . . . : [domain.local]



Ethernet adapter Server Local Area Connection:



   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client)

   Physical Address. . . . . . . . . : [MAC address]

   DHCP Enabled. . . . . . . . . . . : No

   IP Address. . . . . . . . . . . . : 192.168.16.2

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Default Gateway . . . . . . . . . :

   DNS Servers . . . . . . . . . . . : 192.168.16.2

   Primary WINS Server . . . . . . . : 192.168.16.2



Ethernet adapter Internet Connection:



   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client) #2

   Physical Address. . . . . . . . . : [MAC address]

   DHCP Enabled. . . . . . . . . . . : No

   IP Address. . . . . . . . . . . . : 192.168.111.254

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Default Gateway . . . . . . . . . : 192.168.111.1

   DNS Servers . . . . . . . . . . . : 192.168.16.2

   Primary WINS Server . . . . . . . : 192.168.16.2

   NetBIOS over Tcpip. . . . . . . . : Disabled




**Windows IP Configuration for client **

   Host Name . . . . . . . . . . . . : [client hostname]
   Primary Dns Suffix  . . . . . . . : [domain.local]
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : [domain.local]

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : [domain.local]
   Description . . . . . . . . . . . : Intel(R) 82566DM-2 Gigabit Network Connec
tion
   Physical Address. . . . . . . . . : [MAC address]
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::dd5a:ecdb:86ae:132e%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.16.34(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, November 03, 2008 7:58:52 AM
   Lease Expires . . . . . . . . . . : Wednesday, November 12, 2008 8:03:59 AM
   Default Gateway . . . . . . . . . : 192.168.16.2
   DHCP Server . . . . . . . . . . . : 192.168.16.2
   DNS Servers . . . . . . . . . . . : 192.168.16.2
   Primary WINS Server . . . . . . . : 192.168.16.2
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : domain.local
   Description . . . . . . . . . . . : isatap.domain.local
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : [MAC address]
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes







0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
Jerry SolomonNetwork  AdministratorCommented:
I would get a real good feel for what your server is doing--I looks like it is acting as your proxy server.
I personally don't run routing through the SBS, mostly because I like to A) get the load off, and B) let something else deal with security.

It is interesting to not that the WAN (192.168.11.254) side is not a public address, which means you are double-natting everything, which is inefficient and a waste.
I woul reprogram the Internet router (192.168.11.1) to have an IP of 192.168.16.1 (no DHCP) and just forget about routing through the SBS. Revise DHCP on the SBS to have the 192.168.16.1 as the router.

Then rerun the "connect to the internet" wizard.
0
 
Eng-Author Commented:
thanks jerry for the advice i have been told something very similar by someone else.

I have some downtime scheduled for the server next weekend to apply some patches but right now i need to get the vpn back up and running like it was before.

there are alot of thins that are not as they should be .. some of them i did not even consider .. which came up through the best practice analyzer .. i will eventually take care of them .. but if whenever the server reboots vpn goes offline and i cant figure how to get it back up .. that ties my hands of doing majore changes untill i can find out how to resolve this
0
 
Eng-Author Commented:
woohoo I have finally got this resolved.

i connected to my server via remote desktop connection ... to view the event monitor when i attempt to connect to the vpn and it showed up on ISA firewall that my user account was trying to connect via vpn and that i did not have the permission to do so.

which is crazy because i am a member of the remote access group who do have permission to vpn in. ... i manually gave myself the permission on the 'dial in' tab of the user property which was previously set to grant access through 'remot access policy'

I tried again and it worked ...which raises another why would a server reboot cause a security group to lose permission it had before the server reboot and how can i go about finding out and fixing it ?
0
 
Jerry SolomonNetwork  AdministratorCommented:
DNS issues often preven group policies from loading properly. The server's primary DNS in its LAN connection should be its own IP address.
Check that.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now