Solved

Suddenly cannot RDP or ping to or from RDS server 2008 except from within one subnet

Posted on 2013-10-25
Last Modified: 2013-11-03
On a Windows 2008 R2 server running RDS, suddenly the server cannot be accessed via RDP except by a machine on the same subnet. It also cannot be pinged. Other subnets cannot be accessed from that server at all (no pinging or mapping to anything in any other subnet). It cannot get to the Internet, though the Networking connection shows Internet as connected OK. I have checked the DHCP reservation, the DNS settings, flushed and registered, checked the adapter binding order, and I have rebooted. I suspect a change in the firewall; some changes were made. I am not managing the routing, but would like to know where to look on the SonicWall. Any suggestions would be appreciated.
Question by:quaybj
15 Comments
LVL 24

Expert Comment

by:smckeown777
ID: 39602732
Since it can be accessed by a machine on the same subnet, that tells me it's possibly a gateway setting that is wrong.

Is the correct default gateway address setup on the server?
Can you from the server ping the default gateway?
If yes can you tracert to an external ip from it?

tracert 8.8.8.8 - run this from the server and see where it stops
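The three checks in the comment above (gateway configured, gateway pingable, tracert to an external address) can be run in one go on the server itself. The script below is an added example, not from the original thread or either participant; it assumes PowerShell 2.0 on Windows Server 2008 R2, run as an administrator, and reuses 8.8.8.8 as the external probe address from the comment. It also adds one check a practitioner would want: whether the gateway answers ARP at all, because a gateway that resolves at layer 2 but never answers ICMP points at a filter or rule, while a missing ARP entry points at the switch port or VLAN.

```powershell
# Added example, not the thread's own commands. Assumes PowerShell 2.0 on Server 2008 R2
# with administrator rights; 8.8.8.8 is the external probe address used in the comment.
$adapters = Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "IPEnabled = True"
foreach ($a in $adapters) {
    "Adapter : $($a.Description)"
    "IP      : $($a.IPAddress -join ', ')"
    "Gateway : $($a.DefaultIPGateway -join ', ')"
    "DNS     : $($a.DNSServerSearchOrder -join ', ')"
    foreach ($gw in $a.DefaultIPGateway) {
        # Two echo requests; -Quiet returns a plain $true/$false.
        $ok = Test-Connection -ComputerName $gw -Count 2 -Quiet -ErrorAction SilentlyContinue
        "Ping $gw : $ok"
        # The ping attempt populates the ARP cache if the gateway answers at layer 2.
        # Anchor the match so 192.168.1.1 does not also match 192.168.1.10.
        $entry = arp -a | Select-String -Pattern ("^\s*" + [regex]::Escape($gw) + "\s")
        if ($entry) { "ARP  $gw : " + ($entry | ForEach-Object { $_.Line.Trim() }) }
        else        { "ARP  $gw : no entry (layer 2 problem: switch port, VLAN, cable)" }
    }
}
# If the gateway does not answer, tracert stops at hop 1; run it anyway to record that.
tracert -d -w 1000 8.8.8.8
```

Read the output in order: wrong or missing gateway means a host configuration problem; a gateway with an ARP entry but no ping reply means something between the host and the gateway (host firewall, switch ACL, or the SonicWall itself) is dropping traffic; no ARP entry means the frame never reaches the gateway and the switch is the place to look.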
Author Comment

by:quaybj
ID: 39604866
Hi smckeown777

Yes, the gateway address is correct.
I cannot ping the gateway.
tracert 8.8.8.8 fails.
LVL 24

Expert Comment

by:smckeown777
ID: 39604890
Ok, so next question is why can't you ping the gateway...

Have you a switch in the connection between server and gateway? I'd start by rebooting that
You mentioned changes in the firewall... since you can't even ping the gateway from the server, that might be the case... can you log in to the SonicWall?

From it can you ping back to the server? Most Sonicwall devices have a ping utility to test this

As for what could have changed, you'd need to look at the rules that are set up. Usually there are rules based on interfaces... WAN-LAN, WAN-Subnet etc. Your RDS is obviously on a specific subnet, so I'd check for rules connected to that subnet.

Which model Sonicwall?

Author Comment

by:quaybj
ID: 39604985
The servers are colocated, so I can't reboot the switch until about 9 am. The other servers on the same switch are pingable from another subnet, but not the one in question. Other servers on the same switch are working OK, maybe a bad port?? Seems strange...

I logged onto the SonicWall (NSA 2400) and I cannot ping that server from the firewall, but I can ping the others.

I see a couple of things in the firewall address objects that look incorrect, but I am not managing the firewall and am not an expert. The config is complicated by VPN rules, and I don't want to break it. I will get the person handling this to check my questions.
Author Comment

by:quaybj
ID: 39604993
I should add... the server can be accessed from my home by using the SonicWall VPN remote client. If I use the VPN client, I can remote to the server by its internal IP address.
LVL 24

Expert Comment

by:smckeown777
ID: 39604996
Ok, that also points to a rule breakdown...

Server is accessible from home over a VPN - so the rules between the local subnet the server is on and the VPN subnet are working...

So yes, this looks more and more like a rule that is misconfigured. The switch is probably not an issue, and the port is definitely not an issue if the server is accessible at all (which it is).

Author Comment

by:quaybj
ID: 39605005
Thanks I will get back to you in a few hours.
LVL 26

Expert Comment

by:Blue Street Tech
ID: 39605711
Hi quaybj,

Ping is operational by default in the VPN tunnel and is not for other Zones, which would explain why ping is not working on the other Zones (not allowed via Access Rules).

Which Zone is the troubled server located in and which Zone are the others you mention in?

Can you provide a screen shot of your WAN > {whichever Zone your troubled server is in} within Firewall > Access Rules.

Thanks!
Author Comment

by:quaybj
ID: 39606241
diverseit (nice handle!)

The troubled server is in the LAN zone, and so are the rest of the servers, 8 different subnets. The fact that the server cannot surf the net is also puzzling. One of the Access groups has an entry 'sonic for udp' pointing to 192.168.1.3, but there is no server at 192.168.1.3.

I also wonder if I have a Windows firewall problem. I didn't change anything and it was working fine before. I will send a screenshot of the rules shortly.
LVL 26

Accepted Solution

by:
Blue Street Tech earned 2000 total points
ID: 39606258
Sounds good!

Also disable the Windows Firewall via Services, as doing it through the GUI can lead to false positives if there are OS corruptions.

So all the other servers are setup as sub-Interfaces within the LAN zone?

Diverse IT (Thanks!)
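Before touching the Windows Firewall service, it is worth recording what the host firewall actually looks like: whether the service and its Base Filtering Engine dependency are running, whether the profile is locked by Group Policy (the asker later says it is), whether the inbound Remote Desktop rules are enabled, and whether anything is listening on 3389. The script below is an added example, not code from the thread or from either participant; it assumes PowerShell 2.0 on Windows Server 2008 R2, run as an administrator, and uses the HNetCfg.FwPolicy2 COM interface that ships with the OS. It only reports; the service bounce at the end is left commented out.

```powershell
# Added example, not the thread's own commands. Assumes PowerShell 2.0 on Server 2008 R2,
# run as an administrator. Read-only apart from the commented-out restart at the end.

# Service state: BFE (Base Filtering Engine) must run for MpsSvc (Windows Firewall) to run.
foreach ($svc in 'BFE', 'MpsSvc') {
    $s    = Get-Service $svc
    $mode = (Get-WmiObject Win32_Service -Filter "Name='$svc'").StartMode
    "{0,-7} status={1,-8} startup={2}" -f $svc, $s.Status, $mode
}

# Active profile state (On/Off, default inbound/outbound action) as the firewall sees it.
netsh advfirewall show currentprofile

# Policy keys under this path mean the profile is enforced by Group Policy, so local
# changes made through the GUI are overwritten at the next policy refresh.
$gpo = 'HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall'
if (Test-Path $gpo) { "Firewall settings are GPO-managed ($gpo present)" }
else                { "No firewall GPO keys under $gpo" }

# Inbound Remote Desktop rules via the firewall COM API.
# Direction 1 = inbound, Action 1 = allow, Profiles is a bitmask (1 domain, 2 private, 4 public).
$fw = New-Object -ComObject HNetCfg.FwPolicy2
$fw.Rules |
    Where-Object { $_.Name -like 'Remote Desktop*' -and $_.Direction -eq 1 } |
    Select-Object Name, Enabled, Action, LocalPorts, Profiles |
    Format-Table -AutoSize

# Is the RDP listener actually bound?
netstat -ano | Select-String ':3389\s+\S+\s+LISTENING'

# Bouncing the service is what resolved this thread, but stopping MpsSvc while connected
# over RDP drops the session (as happened to the asker). Run it from the console or
# out-of-band management, or as a scheduled task that performs both halves so the
# start still happens after your own session is gone.
# Restart-Service MpsSvc
```

The reason to prefer a restart over a stop, and to do it from the console, is exactly the outcome described later in the thread: once the service was stopped over RDP the asker lost the session and could not get back in until the colo engineers rebooted and re-enabled the firewall. On a domain-joined host the GPO check matters too, because a rule that looks correct locally can be replaced at the next policy refresh.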
Author Comment

by:quaybj
ID: 39606915
Sorry, that was not clear. I meant that the other servers are all in the same subnet as the troubled one, which can only be remoted to from within the subnet - I have to remote to the colocation site, then remote to the RDS server. It's as though it's in a cage: no pinging, no surfing, no remoting from it to anything else. Even the VPN scenario is basically the same thing: get to the subnet via the SonicWall, then one can use RDP.

The Windows firewall is on for the whole domain via GP. I did try to disable it just on the RDP server via Services; I got kicked off, and now I cannot remote to the server at all. More later...
LVL 26

Expert Comment

by:Blue Street Tech
ID: 39607512
OK. Thanks for the clarification. Let's just focus on the screenshot of the Access Rules and then go from there whenever you have a chance to get logged back in.

Talk to you soon.
Author Closing Comment

by:quaybj
ID: 39616356
After I disabled the firewall and got disconnected in the process, the engineers at the colo rebooted, saw that that service was disabled when it came back up, and re-enabled the firewall. Everything went back to normal then. Why this server hiccuped is still not clear, but starting and stopping the firewall did the trick. I am awarding points here because I would not have gone to the services to disable the firewall right away; tweaking the group policy settings for that server did not make the problem go away. That tip saved me some work.
Thanks to Diverse IT!
LVL 26

Expert Comment

by:Blue Street Tech
ID: 39620203
My pleasure. Glad I could help and thanks for the points!