We help IT Professionals succeed at work.

Windows 2008 R2 server restarts when access remotely via VPN

196 Views
Last Modified: 2015-01-16
Hey Experts!  I have a riddle for you that I'm haven't been able to figure out.  

I have a Windows 2008 R2 server that has LANGuard installed which I use for software deployment and Windows/Microsoft patch management.  When I access the server at the office via RDP and deploy updates through LANGuard, I have no problems.  However, when I am at home, make a VPN connection to that server and begin deploying updates via LANGuard, the server restarts after several minutes.

The VPN software is from Avaya and my laptop I use at home and desktop I use at work are the same OS.  The updates aren't related to the server as that was my first guess as to why the server restarted.  The updates are Windows software updates for a different OU group.

I would greatly appreciate any help you can provide on this.  I can provide log files or anything else if that would help.  Thanks.
Comment
Watch Question

Exec Consultant
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
noxchoIT Product Manager
CERTIFIED EXPERT
Top Expert 2009
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
btanExec Consultant
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
this MS link will also be handy to configure the actions that Windows takes when a system error (also referred to as a bug check, system crash, fatal system error, or stop error) occurs.
Iain MacMillanIT Regional Manager - UK

Commented:
do you not VPN into your firewall system/core switch (gateway) first, then try RDP to the server as before, or do you have to VPN into that specific server?

Do you have the server fully patched and service packed?
 
Does it have a static IP?
 
Does it have any internal firewall and/or security/AV software installed (that makes allowances for remote/VPN ip range connections?
Are you using the latest version of your VPN client (or try a 3rd party open source one like Shrewsoft)?

If you have the ability to assign an external IP and NAT config on your firewall, you could setup a restricted rule to allow you to RDP direct to to the server from your home, to take the VPN aspect out of the equation/process.

Author

Commented:
Hey everyone.  Thanks for your suggestions.  I was out on Wed for a little hand surgery (piece of glass removal) and I am trying to catch up without the use of one hand so I am pecking the keyboard.  

I will try out your suggestions and get back to you if you requested more information.  Thanks for your patience!
noxchoIT Product Manager
CERTIFIED EXPERT
Top Expert 2009

Commented:
Take care man.
Nox
btanExec Consultant
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
rest well for a longer journey

Author

Commented:
Greetings everyone!

I believe I narrowed down the problem as being one that relates to LANGuard and installing updates on the server.  I'm not completely sold on that idea so i am going to answer your questions and respond to your replies to verify that I have tried your suggestions and there isn't something else going on that I missed.  I appreciate your patience and I will do my best to get back to you ASAP!

Author

Commented:
a) during that period after vpn is established what is the default gateway as compared to RDP connection or any changes to the NIC in specific to addressing.
---Not sure but I will make a connection this evening and let you know

b) what other events (like apps, security and error) happened and log in the event viewer before and after the restart.
---That's the kicker.  Nothing else listed in the event viewer that appears to be consistent with the restart.  No services that are unexpectedly shutting down or faults detected.

c) any differences on (or does it even) restart behavior after VPN established and without you sending over the patch
---Good question!  The LANGuard service is set to start at startup so it isn't the service that is causing the reboot but once I open the app and deploy the updates, the server restarts.  Even when I deploy the updates to the other non-server OU's, this server (and only this server) will restart

d) any difference if login vpn user account is not administrator or any other user..
---I've only tried my AD credentials.  I can try logging in with the local admin account (unless I misunderstood your question)

e) any difference if the client with vpn (into server), is not connected to the internet or have split tunnel enabled/disabled
---It's the state's VPN system and I don't know if split tunnel is enabled/disabled

f) restart is persistent and consistent regardless as long as you vpn login
---Restart on the server only happens when I log in with my laptop from home with VPN and open the LANGuard app

g) any scheduled restart job in the server and condition for job task that may cause restart
---none

this restart seems strange though and hard to find out without much leads ...or LanGuard has certain background script asking to restart system
---I'm wondering if the LANGuard server had a left over update that wasn't deployed until the previous patch was installed and server restarted.  Long shot but it may be the culprit.  Thanks for the great questions!

Author

Commented:
Does it do a normal restart or crash (BSOD)? I assume it is crashing and your recovery options in System Advanced Settings are configured to restart the server in case of crash.
Reconfigure it to create minidump file and see what is causing these crashes.
---Not related to BSOD (or I didn't think until now) so I will make that change and see if I can re-create the issue.  Good thought!

Author

Commented:
do you not VPN into your firewall system/core switch (gateway) first, then try RDP to the server as before, or do you have to VPN into that specific server?
---VPN connection is into the state's VPN connector.  From there, I remote into the server.

Do you have the server fully patched and service packed?
---I've audited the server and notice there are several updates which need to be installed which I am working on now.  Because of this, I believe that the server has updates that need to be installed following other updates installing and server restarts.  I'm guessing that the server doesn't restart during the day as I don't push updates during normal business hours.  When I push them in the evening, the updates are pushed out but I'm not updating the "server" OU, just all of the PC's.  Somehow when LANGuard is running, an update that was pending or waiting on the server to restart is installed and prompts another restart after installation.
 
Does it have a static IP?
---Yes
 
Does it have any internal firewall and/or security/AV software installed (that makes allowances for remote/VPN ip range connections?  
---Sophos installed and Windows FW enabled which is how the other servers are configured but don't have the restart issue.

Are you using the latest version of your VPN client (or try a 3rd party open source one like Shrewsoft)?
---Good question!  I found out last week that I am using a version that is a couple of patches behind.  I'm working on getting the update and will test again to see if I can trigger the restart.

If you have the ability to assign an external IP and NAT config on your firewall, you could setup a restricted rule to allow you to RDP direct to to the server from your home, to take the VPN aspect out of the equation/process.
---Good suggestion but I don't have this access.

Thanks for your help and questions!!
btanExec Consultant
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
noxchoIT Product Manager
CERTIFIED EXPERT
Top Expert 2009
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
Greetings Experts!

After many side projects that ate up any free time I thought I had, I was finally able to look into this issue further.  Thank you in advance for your patience with this as I know it can be frustrating waiting for someone to reply back.

From the testing that I ran with your suggestions and posts in mind, I found that the restart issue was occurring in the evenings when I would remote in and deploy updates via LANGuard (LG).  I intentionally connected to other W2K8 servers from the same VPN connection to see if I could trigger a restart or crash similar to what happened with the LG server.  I wasn't able to duplicate the restart so I tested the LG access from my office.  When I deployed updates through LG from the office, I targeted the other OU's and by chance, I found that I could restart the server.  Long story short (too late), in the LG interface, I had selected it to get the updates when I deployed the others and thereby restarting it after updates were installed.  I chalk it up to user error which explains why it didn't happen all the time.

Rather than close the question out or delete it, I want to reward you all for your time and trouble-shooting advice that will help others with similar questions or experiences.  If you feel I've cheated you on points, please let me know and I will request they be changed as I did my best to be fair to you.  I greatly appreciate your help and time (and patience) with me on this question and I look forward to working with you all in the near future!

-Aaron
btanExec Consultant
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
appreciate your kind sharing and learning
Iain MacMillanIT Regional Manager - UK

Commented:
well done and glad you got it sorted.  we tend to isolate some servers when doing patches for this very reason, so they don't auto restart, though i think we used GPO's on the later server OS's to stop auto restarts.  We also use the PDQ suit for deploy/inventory for 3rd part patches like Java, Flash and such.
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.