RPC over VPN

every1isevil2
every1isevil2 used Ask the Experts™
on
Hey Everyone,

I'm having an interesting problem with my VPN.

I have 2 watchguards X55e firewalls. They are configured with an ipsec vpn tunnel between the 2 sites. I had some servers on the local subnet moved over to the remote subnet and now i'm getting all sorts of RPC errors when certain server try to talk with other across the vpn.

* The watchguards are configured with the default rule to allow everything between both subnets.
* I have DC servers on both subnets and DNS is resolving properly
* All the computers can see each other and can do file sharing
* The traffic monitors aren't showing any type of denied packets

Both watchguards are on the latest 11.1 firmware.

Please let me know if you need anymore info.

Thanks in advance
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Is RPC configured with the old IP address of the server from before it was moved?

Author

Commented:
Well everything was configured with it being on the local subnet, it was then moved to the remote subnet and started having problems. Is this what you meant?
Top Expert 2013

Commented:
RPC errors are often due to blocked ports in the windows, or 3rd party software firewalls. Are they enabled? If so, verify under the exception's scope options that the remote subnet is included. Often the exception is enabled, but only for the local subnet blocking connections from remote sites.
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
I have the windows firewall disabled by group policy. I just double checked and the firewalls are definitely off on the servers
seem to be like its not a problem with firewall side

You can use the RPC Ping Utility to confirm the RPC connectivity between the computer

try this
Yes that was what I was asking. I was concerned that something configured for accessing it on the old subnet is still in there but the device is now on the new subnet with a different IP address which would have to be accounted for.

Author

Commented:
RPC ping hasn't really helped. it won't perform the "ping" within the internal subnet or the external subnet.  
Any ideas as to why it would be doing this? it almost seems like the firewall is what may be causing this. Anything that is using RPC such as Exchange SCR and Symantec backup exec CPS is having problems. Different servers.
Check your firewall logs to see if there are any rules that are dropping packets from the devices you are working with.

Author

Commented:
That's the strange thing, I have even worked with the watchguard tech support and had them monitor the VPN traffic while trying to connect and what not. They didn't see any dropped packets.
Are you hitting the issue mentioned in this article and are you using the RPC Configuration Tool to configure the workaround?

http://support.microsoft.com/kb/154596

Author

Commented:
let me review the article and get back to you

Author

Commented:
Going to try it out. Thanks for the article. i will post my results
Top Expert 2013

Commented:
EXPERTS, I need your help.....
I would recommend close and refund. Though numerous troubleshooting suggestions were made no solution was found.
--Rob
The problem has been resolved. The problem was with the DSL connection. We moved the server to it's permanent home in the datacenter and everything started working properly. Everything was properly configured.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial