Solved

RPC Server unavailable at new site

Posted on 2014-01-09
5
594 Views
Last Modified: 2014-01-13
This is an odd one, although I think it's a WAN connectivity, or firewall issue, while the Network Team looks at it I thought I'd ask....

We set up a new site with an Server 2012 AD controller, File Server, and SCCM server.  All of the servers are virtual guests running on a VMware 5.1 server on an "Office in a Box" Cisco UCS system.  We can connect to the site via http, telnet, etc. from any of our other sites.  We can connect to this new remote site similarly.  We can use UNC, Event Viewer, etc. (other RPC apps) from the other sites to the new remote site.  However, at the remote site anything using RPC, notably port 135, outward to another site will not work.  I get RPC 1722 "RPC server unavailable" errors for various things like replication, directory services, cannot access remote file shares out from the remote site.

Anything RPC I try in the internal remote site will work.   Anything RPC related outside the remote site will not work.

Cisco and the WAN provider say everything is going through.  If I use TraceTCP from the remote site out on port 135 it stops at the gateway at the remote site.  If I use TraceTCP to test other ports (53, 80, etc.) it will route out of the remote site network.  Of course, the WAN provider and Cisco say they don't see an issue.
0
Comment
Question by:Darthyw
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 23

Assisted Solution

by:Patrick Bogers
Patrick Bogers earned 250 total points
ID: 39768573
Hi

Maybe the internet provider is blocking the use of port 135, did you ask them?
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 250 total points
ID: 39768766
You need to check firewall \ router logs by generating test traffic where it is getting blocked

Issue must exists with new site switch \ router \ firewall only for outbound traffic, may be there is some loop issue or route issue. please check with network team end to end

You can try portqueryui tool as well to check

Mahesh
0
 

Author Comment

by:Darthyw
ID: 39769151
Thanks.  I had tried portqueryui earlier, a great tool, which helped see that only some ports were jacked.  We had opened a ticket with MS about the issue - just in case, although I doubted a MS issue - and they confirmed it's likely some underlying WAN, ISP, Firewall issue.  The firewall isn't on the Windows servers, and we aren't using a third party firewall on the servers themselves.

The network team is reviewing.  The ISP and Cisco say they can traceroute and telnet between using the very ports (135 particularly) we are seeing issues with.  Interestingly though, from the Windows servers using tracetcp on port 135 from the remote site back to any other site, the trace drops right after the gateway at the remote site.
0
 
LVL 16

Expert Comment

by:Dirk Mare
ID: 39774298
Sounds like a routing problem on your gateway, make sure the gateway at remote site has the correct routes to your other sites..

DirkMare
0
 

Author Closing Comment

by:Darthyw
ID: 39777122
I split the points with Mahesh and Patricksr1972 for their prompt answers.  In my research any of these are likely RPC error causes.  And in our case it was something in a switch/router on the WAN service providers MPLS lines somewhere.  We got all parties involved on a call, launched Outlook on a computer from the remote site since our issue was specifically RPC traffic, and all the telecom and network guys got packet captures.  They narrowed the issue down to between two cities near the remote site, and sent a tech to get some better captures at one of the sites.   The issues were the WAN providers equipment, and once they made some quick setting change it all started working.

Thanks for the help all.  The portqueryUI tool is a great tool as well.  I didn't think it would be any issue from a Windows server side since at the site all the Windows servers communicated with one another fine.  So, I didn't see a protocol stack issue like some KBs mentioned could be a problem.  My only other thought was perhaps an AD Sites and Services configuration on this new site, although I never saw an issue.  Obviously it was our WAN.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The reason that corporations and businesses use Windows servers is because it supports custom modifications to adapt to the business and what it needs. Most individual users won’t need such powerful options. Here I’ll explain how you can enable Wind…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question