Solved

Unknown RAS IP addresses reserved on Windows 2008 server (RAS NOT INSTALLED OR USED !)

Posted on 2010-11-18
11
1,218 Views
Last Modified: 2012-05-10

Our Windows 2008 server is showing a number of IP addresses reserved in the DHCP scope for RAS connections, they all show the NAME as the FQN of the server. We don't use RAS as our router handles remote VPN traffic and IP allocation.

Can someone shed some light on this as the scope gets full pretty quickly !  I can delete the reservations and they come back shortly after, I'm stumped !
0
Comment
Question by:Andrew Lee
  • 5
  • 4
  • 2
11 Comments
 
LVL 9

Accepted Solution

by:
losip earned 250 total points
ID: 34163102
Are you sure that you don't have the Network Policy and Access Services role installed (with the RAS feature enabled)?
0
 

Author Comment

by:Andrew Lee
ID: 34163182
Hi,

We've got

AD Domain services
DHCP Server
DNS Server
File Services
Web Server (IIS)
Windows Server Update Services

installed
0
 
LVL 9

Expert Comment

by:losip
ID: 34163242
And RRAS is not installed on any other server which could be getting addresses from that one?  Although, I would expect the Name to be the FQDN of the RAS server, not the DHCP server.  Another possibility: could the router be erroneously getting its IP addresses from the DHCP server (by broadcast) instead of from its own pool?
0
 

Author Comment

by:Andrew Lee
ID: 34163292
Hi,

Its a draytek 2820n router, the remote pptp is set to assign 10.100.0.223 upwards, DHCP scope on server is : 10.100.0.31 - 200, subnet 255.255.255.0

No other server on the network, this box is a Windows 2008 server with Exchange 2007 installed, 64bit

Intrestngly the IP's are now showing in DHCP anymore, I have had some strange goings on with wireless modules and some devices picking up DHCP in the production enviroment,

I suggest leaving this for a day and I'll monitor see if the RAS entries pop back up,
0
 
LVL 9

Expert Comment

by:losip
ID: 34163367
Any device on the 10.100.0.0/24 subnet will broadcast out when it wants an IP address. As you've described the network, either the Draytek or the Windows server may reply to such a Discover packet and offer an address out of their allocated range.  

I'm not sure whether this scenario is valid with the Draytek but, if a device calling in on the VPN wants an address, it may be that it can get it either from the router itself or from the server following a broadcast from the VPN termination onto the 10.100.0.0 subnet.  Therefore, either DHCP server may issue leases.
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 

Author Comment

by:Andrew Lee
ID: 34163377
Hi,

No DHCP on the draytek its turned off, the VPN isnt assigning addresses to general network traffic from my knowledge of the draytek, its assigned on a per tunnel / connection basis
0
 
LVL 9

Expert Comment

by:losip
ID: 34163422
Yes, I appreciate that devices on the LAN will ONLY get addresses from the server but I was referring to VPN clients's addresses which SHOULD come from the router.  When they make a connection, is it possible that the Draytek broadcasts on the LAN interface (to itself and any other DHCP server that will listen) so that a connected VPN client may get an address from the server instead of the router?  It''s more a suggestion than a concrete theory due to my lack of knowledge of the internals of the Draytek.
0
 
LVL 5

Assisted Solution

by:q2q
q2q earned 250 total points
ID: 34163705
They draytek has few ways of giving ip addresses for those who dial in
1) using its own dhcp (Lan > general settings > on the right hand side)
2) using a range when dhcp is disabled ( VPN  and  remote access > ppp general setup > on the right hand side)

These two options would not get addresses from your servers dhcp pool
3) dhcp relay server option (Lan > general settings > on the right hand side)
this will passthrough to your server, hower in all my experiance I have not seen a draytek pre-allocate addresses.

I would expect your server is doing this becuase the servers "routing and remote access" service is started. and has been configured (admin tools > routing and remote access) to use pptp or dial up connections. If you dont need this disable the windows service  "routing and remote access" and it will be fine.
If this works you can then open the panel (after restarting the service) delete the server from the console.
0
 

Author Comment

by:Andrew Lee
ID: 34163796
Hi

option 2 above set for draytek to allocate address

thats the strange thing routing and remote access IS STARTED but I can't be stopped (dependant services), its NOT showing in ROLES or ADMINISTRATIVE TOOLS though, its never something thats been used !
0
 
LVL 5

Expert Comment

by:q2q
ID: 34163862
Yes its crazy, its like microsoft want people to use it and just install and set it up for us.
If I were you I would use dhcp relay rather then option 2 as it ensures you dont get clashing addresses. The only downfall is that if your server is off you will need to asign yourself a static address to get it.
0
 

Author Comment

by:Andrew Lee
ID: 34163920
Can't set the DHCP relay unless DHCP is enabled on the router which we don't want, had two clashing DHCP servers before, not pretty !

Also can't remove the start address from ppp config draytek complains its invalid having nothing in there

So far no issues today, I've made a couple of other changes not covered in this thread to do with getting certain people to NOT connect certain kit which asks for DHCP, they've been assigning static addresses and so far so good, thanks all for assistance on this though, going to keep question open for a couple of days whilst monitor the situation, if its resolved I'll divy the points up

Cheers
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
Let’s list some of the technologies that enable smooth teleworking. 
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now