• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 385
  • Last Modified:

SBS2008

I had a momentary few minutes where I could not connect to the SB2008 Server through Teamviewer Client nor RDP through VPN, I was able to ping the SBServer from another Server successfully and  I could rdp to the other application servers, I was also told the Exchange 2007 was not functioning at that time as well. After a few minutes I was able to access the SBSServer2008 and everything was functioning as normal. I reviewed the Event logs and under System the only abnormality was: RasSstp Error (Event24) and Warning (Event 18).

I am not sure these Events are the culprit but wanted to pose this question out to see if anyone has had any similar situation with an interruption like this.  No DNS Issue found as well.
0
dtssupport
Asked:
dtssupport
  • 4
1 Solution
 
Bill BachPresidentCommented:
There are many possible scenarios:
1) Network reconfiguration:  If the NIC was in the process of reconfiguring, you could get denied access like this.  A common reason for this is a faulty cable that is not true Cat5E(or higher) and attempting to use GbE connection.  I've seen the NIC reconfigure itself for 100Mbps, then switch back to GbE -- all on its own.
2) Busy NIC:  If a process was consuming all of the network bandwidth for a period of time (such as backup, large file copy, etc.), then connection-based processes can have problems connecting in a timely manner.  PING, which is a simple UDP packet, may be able to squeeze through.
3) Switching or networking problem: The problem may not be specific to the server, but rather to a switch to which it is connected. If someone created a switching loop, routing loop, or the like, then communications can fail.
4) Another machine came up with that IP address: This is the more scary option -- another PC could be trying to use the same IP address as the server.  The PING works, but you were actually pinging the wrong system.  If it happens again, check the ARP table after the PING to verify that the correct machine responded.  This could also be indicative of an attempted Man-In-The-Middle attack, where network packets are being re-routed to a bad host.  
5) Major CPU issue: if the server CPU was very busy and unable to process the connection requests in a timely manner, then this symptom could be seen.  Again, PING replies are very easy and require little to no CPU time.  Setting up a new RDP session, OTOH, takes some real work.

To tell for sure, you can use Wireshark or some other network analysis tool connected to the same core switch, monitoring traffic from that server, and see what is responding (and what isn't) when the problem occurs.
0
 
donnkCommented:
try this:

1) Run "Fix My Network"
2) Enable VPN (again)
3) run "netsh http show" check IPv6 is not missing
4) if it is add IPv6 run (xxx is your cert HashKey): netsh http add sslcert ipport=[::]:443 certhash=xxx appid={ba195980-cd49-458b-9e23-c84ee0adcd75} certstorename=MY
5) Reboot.
0
 
dtssupportAuthor Commented:
Wanted to elaborate a little more on this issue, I just had it happen again and it hangs up the SBS2008 DC and we cannot access it through RDP and the Exchange 2007 stops communicating and it hung for about 15minutes before we could access everything again.
in the Event log it said the Routing and Remote Access failed, and here is the actual Log Error:

Log Name:      System
Source:        Microsoft-Windows-RasSstp
Date:          12/9/2013 1:15:43 PM
Event ID:      24
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      SERVER01.xxxx.local
Description:
The certificates bound to the HTTPS listener for IPv4 and IPv6 do not match. For SSTP connections, certificates should be configured for 0.0.0.0:Port for IPv4, and [::]:Port for IPv6. The port is the listener port configured to be used with SSTP. The default listener port is 443.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-RasSstp" Guid="{6c260f2c-049a-43d8-bf4d-d350a4e6611a}" EventSourceName="RasSstp" />
    <EventID Qualifiers="0">24</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-12-09T18:15:43.000Z" />
    <EventRecordID>4019639</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>SERVER01.consultrms.local</Computer>
    <Security />
  </System>
  <EventData>
  </EventData>
</Event>


Can you tell me if someone has any thoughts on the solution for this, not quite sure if the above answer is  the same for this one?

thx
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
dtssupportAuthor Commented:
* also an Added not, the Server had Team Viewer installed on it and I am wondering if this would cause the Routing and Remote Access Service to hang.

Any Thoughts?
0
 
dtssupportAuthor Commented:
I was able to fix the issue thru Windows Updates, I found that Exchange 2007 had a rollup available and I think it failed on the Windows Updates, so once I installed the Exchange Rollup and rebooted the Server that seem to resolve the issue.
0
 
dtssupportAuthor Commented:
finding out about the Windows Updates and noticing the Exchange Rollup failed and installing and rebooting fix the issue.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now