Posted on 2013-12-02
Last Modified: 2014-01-19
I had a momentary few minutes where I could not connect to the SB2008 Server through Teamviewer Client nor RDP through VPN, I was able to ping the SBServer from another Server successfully and  I could rdp to the other application servers, I was also told the Exchange 2007 was not functioning at that time as well. After a few minutes I was able to access the SBSServer2008 and everything was functioning as normal. I reviewed the Event logs and under System the only abnormality was: RasSstp Error (Event24) and Warning (Event 18).

I am not sure these Events are the culprit but wanted to pose this question out to see if anyone has had any similar situation with an interruption like this.  No DNS Issue found as well.
Question by:dtssupport
  • 4
LVL 28

Expert Comment

by:Bill Bach
ID: 39691326
There are many possible scenarios:
1) Network reconfiguration:  If the NIC was in the process of reconfiguring, you could get denied access like this.  A common reason for this is a faulty cable that is not true Cat5E(or higher) and attempting to use GbE connection.  I've seen the NIC reconfigure itself for 100Mbps, then switch back to GbE -- all on its own.
2) Busy NIC:  If a process was consuming all of the network bandwidth for a period of time (such as backup, large file copy, etc.), then connection-based processes can have problems connecting in a timely manner.  PING, which is a simple UDP packet, may be able to squeeze through.
3) Switching or networking problem: The problem may not be specific to the server, but rather to a switch to which it is connected. If someone created a switching loop, routing loop, or the like, then communications can fail.
4) Another machine came up with that IP address: This is the more scary option -- another PC could be trying to use the same IP address as the server.  The PING works, but you were actually pinging the wrong system.  If it happens again, check the ARP table after the PING to verify that the correct machine responded.  This could also be indicative of an attempted Man-In-The-Middle attack, where network packets are being re-routed to a bad host.  
5) Major CPU issue: if the server CPU was very busy and unable to process the connection requests in a timely manner, then this symptom could be seen.  Again, PING replies are very easy and require little to no CPU time.  Setting up a new RDP session, OTOH, takes some real work.

To tell for sure, you can use Wireshark or some other network analysis tool connected to the same core switch, monitoring traffic from that server, and see what is responding (and what isn't) when the problem occurs.

Expert Comment

ID: 39691876
try this:

1) Run "Fix My Network"
2) Enable VPN (again)
3) run "netsh http show" check IPv6 is not missing
4) if it is add IPv6 run (xxx is your cert HashKey): netsh http add sslcert ipport=[::]:443 certhash=xxx appid={ba195980-cd49-458b-9e23-c84ee0adcd75} certstorename=MY
5) Reboot.

Author Comment

ID: 39706728
Wanted to elaborate a little more on this issue, I just had it happen again and it hangs up the SBS2008 DC and we cannot access it through RDP and the Exchange 2007 stops communicating and it hung for about 15minutes before we could access everything again.
in the Event log it said the Routing and Remote Access failed, and here is the actual Log Error:

Log Name:      System
Source:        Microsoft-Windows-RasSstp
Date:          12/9/2013 1:15:43 PM
Event ID:      24
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      SERVER01.xxxx.local
The certificates bound to the HTTPS listener for IPv4 and IPv6 do not match. For SSTP connections, certificates should be configured for for IPv4, and [::]:Port for IPv6. The port is the listener port configured to be used with SSTP. The default listener port is 443.
Event Xml:
<Event xmlns="">
    <Provider Name="Microsoft-Windows-RasSstp" Guid="{6c260f2c-049a-43d8-bf4d-d350a4e6611a}" EventSourceName="RasSstp" />
    <EventID Qualifiers="0">24</EventID>
    <TimeCreated SystemTime="2013-12-09T18:15:43.000Z" />
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Security />

Can you tell me if someone has any thoughts on the solution for this, not quite sure if the above answer is  the same for this one?

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.


Author Comment

ID: 39706777
* also an Added not, the Server had Team Viewer installed on it and I am wondering if this would cause the Routing and Remote Access Service to hang.

Any Thoughts?

Accepted Solution

dtssupport earned 0 total points
ID: 39779819
I was able to fix the issue thru Windows Updates, I found that Exchange 2007 had a rollup available and I think it failed on the Windows Updates, so once I installed the Exchange Rollup and rebooted the Server that seem to resolve the issue.

Author Closing Comment

ID: 39791926
finding out about the Windows Updates and noticing the Exchange Rollup failed and installing and rebooting fix the issue.

Featured Post

Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
GPO - Set RDP access for specific OU Admin only 4 29
SCCM 2012 14 36
Enable remote desktop on remote Windows 7 computer 3 144
URL for downloading Google Chrome for Win XP 2 194
This article describes how to set permissions to allow a limited-permissions user to start and stop a particular System Service.   It is always best to give users only the permissions that they need to perform their job, so tweaking particular permi…
Have you ever had a hard drive that you can't boot into, but need to change the registry? Here is the solution! This article guides you through accessing and editing a registry of a non-primary drive. To read registry information on a non-prim…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question