remote desktop session disconnecting all the time.

DCHMIEL
DCHMIEL used Ask the Experts™
on
Hi Experts,

I have had an issue that has been driving me crazy for a few months now.

I have a remote office that remote desktop's over to our office to use the database. Its only a max of 10 users at the time. I have setup a terminal server here (terminal server 2003). It is running in application mode and i have more then enough terminal server client licences.

They constantly experience drop out and then it takes about 5-10 minutes to get back in. They have around 10 dropouts a day. Some days are worse then others. The strange thing is that i have two other branches doing the same - again only a few users but they are fine and experience no drop outs.

This rules out our internet connection here for which we pay a lot of money for to supply enough bandwidth primarily for the upload. I have called their ISP and their ISP are telling me their internet is ok however i am sceptical.

They have a router which i have not yet swopped over so could be a cause. I have swopped over adsl filters. They have a firewall (hardware) but nothing reported out of the ordinary.

I have set a continious ping from a client machine to the server here and average response time is around 55ms with no drop outs. I only did this for around 3 hours.

Is there any suggestions or any software i can download to tell me how the connection is going. I still think it is there ISP but i need proof to suugest my theory. I could be wrong and it could be server, firewall, or router. I am working through eliminating these devices but i feel they are ok at present.

Please can someone help.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Krzysztof PytkoSenior Active Directory Engineer
Top Expert 2012

Commented:
Do you have any GPO or local policies on Terminal Server applied? Maybe there is set up Session timeout or something like that?

Regards,
Krzysztof

Author

Commented:
Hi There,

I have checked all that and its ok. also the fact that other locations are ok means that it should be ok. It is just the one office having the problems.

We did a continiuous ping test again this morning and caught it as they had a disconnection and there is packet loss and then it stabilises again. So maybe ISP?
Do you have enough user licences (terminal server) to handle all offices connecting up at the same time?

Do the remote offices connect to IP or Computer name? Is this consistant accross all remote users?

If a user drop out, when the re-connect do they get the same ts session or a new session?
CompTIA Network+

Prepare for the CompTIA Network+ exam by learning how to troubleshoot, configure, and manage both wired and wireless networks.

Commented:
I assume you pinged by IP address:

If you lost ping at the moment your clients lost access, the problem is deeper than Terminal services or licensing. It's L1 through L3....meaning the physical layer, data link layer, or Network layer....

Terminal services and pinging by IP uses different ports and ping doesn't need a license, (unless the router has client access licensing).

The question here remains, is it your server that has intermittent connectivity, or is it the entire LAN...The server could be expreincing a NIC flood and stop everything for a few minutes.

The intermittent network connectivity would effect all clients.. So, how does the rest of the network react when this happens???

Commented:
By the way, you are paying money and probably have a service level agreement (SLA) for your connection...So, the ISP should also be evaluating your issue from their end. Hold them to that SLA...

Author

Commented:
Hi Everyone thanks for the responses.

-Firstly i have aprox 15 licences more then is needed. We had many redundancies so this was why i have so many more.
-All connections are consistant and all connect via rdp on an IP address. No changes have been made to this branch compared to the other branches.
-when uses drop out they get the same session

chiefIT i think you might have a good point about the network card. I think this is what i dont know. Is it the server having problems and hence the users get thrown out or is it the client side.

How can i check the network card for issues?

My initial thoughts are either server, firewall, router but firewall and router i think are ok

Author

Commented:
Other information:

I was on there server now (remoting in) and i had a frozen screen. this exact time everyone was thrown out.

I also have two networks card in the machine but only using one. Do you think its worth swopping the cards over or activating the spare and disabling the current to see if that helps?

Commented:
What kind of network management system (NMS) do you have? You need to monitor traffic on the router in order to find out if it is you or them.

Now, your problem is still within the top three layers..... Look for AMBER lights on the switch trunk ports that indicate a collision. Look for same on the router.

Then, run a netflow analyisis on the router....  Check your server logs to indicate any DNS related issues or system issues that pertain to the outages...

Also, I want to know if you are running Service pack 1 on the server??? There is a bug in that that causes intermittent network connectivity.

Commented:
Once again, get in touch with your ISP, explain the problems, and tell them you are logging your outages. Also ask them for a copy of your company's Service Level Agreement with them. That is a contract they need to abide by. Hold them accountable for these outages until their diagnostic utilities tell you specificially this is YOUR issue.  

Another options is to take a client computer and your router and plug them into the switch on that bad LAN. When network connections die, does thatclient computer that will be outside your router and firewall.

Firewalls will block, so outages would be indefinite, not intermittent. So, this most likely isn't a firewall related issue.

Commented:
It seems licences issue to me also please check sesion (how many login) with full load then find if problem occured. I don't think you ISP will help in this matter.

Author

Commented:
Hi There,

I think this is the main thing i am trying to do. Seeing if its me or the ISP. I must admit i have called the ISP a number of times and they always say everything is ok. I might need to be morte assertive on my next call and explain more in detail.

I dont have any management software to monitor this. Do you suggest any i can use. Basically i have logged onto my firewall and watched the traffic on there but all seems fine. The unfortunate thing is this is a remote site so its very far away.

There are no DNS conflicts in DNS. I am running SP2 on the server.

I will call my ISP again. Do you recommend any software that i can use to record more specific data?

Commented:
For Network Management System, I have always used Solar Winds. So, I don't have experience with other packages to make a comparison between the different NMS packages.... Any network service provider should have a NMS. If not, they are not good ISPs. Ask them to monitor their side for hickups in service under the terms of the service level agreement you have as a customer of theirs.

Author

Commented:
Hi there,

I have installed Solar winds as a trial but have no clue at the moment how to use it.

I have the feeling now it could be something internal in my network. When the net disconnects so does exchange and thier user share on the server. I have to rely on what people say at that branch but this is new information to me. I have swapped over network cards and i have replaced switch. The firewall and server are next.

If it is internal and if its the server would anyone have any idea what it could be?

thx

Commented:
Either Duplex settings OR Spanning tree is enabled on Access ports...

Cisco has a quirck in it that the Duplex settings of the switches and router have to match exactly.   You might think that a 100Mb full duplex switch would talk well with a Auto Detect Router. But, it doesn't. As far as I know, this is a quirk strictly with Cisco. What you will experience is a switch, or a router, farting out for about 5 to 15 minutes periodically...

Also spanning tree protocols is a protocol to prevent from having L2 loops in the network. Enabling spanning tree on a switch or router trunk ports is fine, (its actually a recommended practice). But, sometimes an access port, (meaning a port that the clients and servers plug into), has spanning tree enabled. The spanning tree protocol takes about 45 seconds to hold down the packet before forwarding the packet on. For any computers newer than XP, that 45 second hold down timer, is too long. So, the connection times out. What you will experience is any computers newer than XP will time out the connection and they will have intermittent connectivity for about 5 minutes down time and 15 minutes up time. You might also see error 5719 in the server's event logs.

Author

Commented:
Hi,

The firewall was the one thing i never suspected and in all honesty all my troubleshooting just felt like the firewall was ok.

I did a firmware update as it need a few to be up to date and and its been a week now and its ok. So it was the firewall. All great suggestions so thank you.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial