Problem accessing files over VPN / Remote Desktop
Complicated one this:-
I'm helping out a friend with a problem, I'm not knowledgable enough with Servers to resolve this particular issue and hoped someone might be able to help.
Scenario:- This company has two sites and several remote workers. On each site, there are two Servers - one domain controller and one Terminal Server. All servers are running Server 2003. FOr the purpose of this, I'll call the sites and domains "Site 1" and "Site 2" and the Servers "Site1-DC", "Site1-TS", "Site2-DC" and Site2-TS". I'm sure you can figure out which is which...
Both sites are linked via a Lan-Lan VPN using Draytek Vigor 2820 Routers. Remote workers use Hamachi to create a VPN link to each Terminal Server and Domain Controller on both sites. Employees from Site 1 will work via a Remote Desktop link to "Site1-TS" and Employees from Site 2 work via a Remote Desktop link to "Site2-TS". Some DIrectors from Site 1 need to Remote Desktop into "Site2-TS" in order to access Sage Accounts etc, but they log in using their login and domain for Site 1. So, for example, User 1 will log in to "Site2-TS" using the username "Site1-DC\User1" and their relevant password. This still works fine...
However, an intermittent problem has started occuring over the last two days which has baffled me. Directors from Site 1, whether logged in to "Site2-TS" or "Site1-TS" can not access files located on "Site2-DC". When clicking start-run then typing \\Site2-DC they are presented with the error "\\Site2-DC is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. There are currently no logon servers available to service the logon request." This does not happen all the time - probably three times a day, and for an hour or so at a time. I've checked everything when the problem is occuring - the LAN-LAN VPN link is still live, Hamachi is still running on all affected machines. If I log in to "Site1-TS" or "Site2-TS" as the administrator, I can access \\Site2-DC files with no problem, yet at the same time the users are affected. They can access \\Site2-DC files from their local laptop no problem either, it only happens within the Terminal Server sessions and only when trying to access files on "Site2-DC".
A restart of all Servers usually brings everything back online until the next time it happens.
Can anyone offer any explanation for this? Please try not to be too technical! To reiterate, this was working fine until a couple of days ago and nothing has changed.
I'm helping out a friend with a problem, I'm not knowledgable enough with Servers to resolve this particular issue and hoped someone might be able to help.
Scenario:- This company has two sites and several remote workers. On each site, there are two Servers - one domain controller and one Terminal Server. All servers are running Server 2003. FOr the purpose of this, I'll call the sites and domains "Site 1" and "Site 2" and the Servers "Site1-DC", "Site1-TS", "Site2-DC" and Site2-TS". I'm sure you can figure out which is which...
Both sites are linked via a Lan-Lan VPN using Draytek Vigor 2820 Routers. Remote workers use Hamachi to create a VPN link to each Terminal Server and Domain Controller on both sites. Employees from Site 1 will work via a Remote Desktop link to "Site1-TS" and Employees from Site 2 work via a Remote Desktop link to "Site2-TS". Some DIrectors from Site 1 need to Remote Desktop into "Site2-TS" in order to access Sage Accounts etc, but they log in using their login and domain for Site 1. So, for example, User 1 will log in to "Site2-TS" using the username "Site1-DC\User1" and their relevant password. This still works fine...
However, an intermittent problem has started occuring over the last two days which has baffled me. Directors from Site 1, whether logged in to "Site2-TS" or "Site1-TS" can not access files located on "Site2-DC". When clicking start-run then typing \\Site2-DC they are presented with the error "\\Site2-DC is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. There are currently no logon servers available to service the logon request." This does not happen all the time - probably three times a day, and for an hour or so at a time. I've checked everything when the problem is occuring - the LAN-LAN VPN link is still live, Hamachi is still running on all affected machines. If I log in to "Site1-TS" or "Site2-TS" as the administrator, I can access \\Site2-DC files with no problem, yet at the same time the users are affected. They can access \\Site2-DC files from their local laptop no problem either, it only happens within the Terminal Server sessions and only when trying to access files on "Site2-DC".
A restart of all Servers usually brings everything back online until the next time it happens.
Can anyone offer any explanation for this? Please try not to be too technical! To reiterate, this was working fine until a couple of days ago and nothing has changed.
ASKER
Yes, can ping Site2-DC no problem, 4 replies.
Default gateway remains the same throughout. Tracert returns 1 hop.
Default gateway remains the same throughout. Tracert returns 1 hop.
When the the problem occurs and \\site2-dc fails does the ip for \\side2dcIP work when used as the UNC path?
Are any services failing on the TS server ie, server service, dns, computer browser or workstation. Does anything appear in event log when this occurs?
Why are they typing the paths to the shares instead of using a mapped drive? If it is used as a mapped drive does it continue to work?
Are any services failing on the TS server ie, server service, dns, computer browser or workstation. Does anything appear in event log when this occurs?
Why are they typing the paths to the shares instead of using a mapped drive? If it is used as a mapped drive does it continue to work?
ok, when fail go to Start-> Run and type:
\\<IPServerSite2>\<Share>
and view if in this way it's work
\\<IPServerSite2>\<Share>
and view if in this way it's work
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
you can try to delete the cache of dns client
If NO, on the client type following command:
route print
and view if the default gateway is changed.
You can try to do a tracert from the client:
tracert <IPserver> -d