Link to home
Start Free TrialLog in
Avatar of every1isevil2
every1isevil2Flag for United States of America

asked on

RPC over VPN

Hey Everyone,

I'm having an interesting problem with my VPN.

I have 2 watchguards X55e firewalls. They are configured with an ipsec vpn tunnel between the 2 sites. I had some servers on the local subnet moved over to the remote subnet and now i'm getting all sorts of RPC errors when certain server try to talk with other across the vpn.

* The watchguards are configured with the default rule to allow everything between both subnets.
* I have DC servers on both subnets and DNS is resolving properly
* All the computers can see each other and can do file sharing
* The traffic monitors aren't showing any type of denied packets

Both watchguards are on the latest 11.1 firmware.

Please let me know if you need anymore info.

Thanks in advance
Avatar of Rick_O_Shay
Rick_O_Shay
Flag of United States of America image

Is RPC configured with the old IP address of the server from before it was moved?
Avatar of every1isevil2

ASKER

Well everything was configured with it being on the local subnet, it was then moved to the remote subnet and started having problems. Is this what you meant?
Avatar of Rob Williams
RPC errors are often due to blocked ports in the windows, or 3rd party software firewalls. Are they enabled? If so, verify under the exception's scope options that the remote subnet is included. Often the exception is enabled, but only for the local subnet blocking connections from remote sites.
I have the windows firewall disabled by group policy. I just double checked and the firewalls are definitely off on the servers
seem to be like its not a problem with firewall side

You can use the RPC Ping Utility to confirm the RPC connectivity between the computer

try this
Yes that was what I was asking. I was concerned that something configured for accessing it on the old subnet is still in there but the device is now on the new subnet with a different IP address which would have to be accounted for.
RPC ping hasn't really helped. it won't perform the "ping" within the internal subnet or the external subnet.  
Any ideas as to why it would be doing this? it almost seems like the firewall is what may be causing this. Anything that is using RPC such as Exchange SCR and Symantec backup exec CPS is having problems. Different servers.
Check your firewall logs to see if there are any rules that are dropping packets from the devices you are working with.
That's the strange thing, I have even worked with the watchguard tech support and had them monitor the VPN traffic while trying to connect and what not. They didn't see any dropped packets.
Are you hitting the issue mentioned in this article and are you using the RPC Configuration Tool to configure the workaround?

http://support.microsoft.com/kb/154596
let me review the article and get back to you
Going to try it out. Thanks for the article. i will post my results
EXPERTS, I need your help.....
I would recommend close and refund. Though numerous troubleshooting suggestions were made no solution was found.
--Rob
ASKER CERTIFIED SOLUTION
Avatar of every1isevil2
every1isevil2
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial