Server 2008 PPP Adapter RAS(Dial in)

Good day,

I have noticed on our windows server 2008 R2 Domain controller there is two IP's when I run IPCONFIG.

I also noticed that when I ping the server hostname from some of the PC's it replies with the other IP address(192.168.0.52).

Ipconfig shows:
PPP Adapter RAS(Dial in) Interface
192.168.0.52
255.255.255.0

Ethernet adapter  
(This is the correct IP)
192.168.0.10
255.255.255.0

There is also VPN set up on the server. I'm just not sure why it replies with the other IP when I ping the server from other workstations.

I see on the server DNS both Ip address are there mapping to the same servername.

Any suggestions?

Thanks
JJThiartAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

davealfordIt SupportCommented:
Do you have both IPs bound to the a single interface or two physical network cards?
0
JJThiartAuthor Commented:
Its one adapter, I don't know where the other one (0.52) comes from.

The adapter does show virtual network cause there is hyper V installed, though I'm not using it actively at the moment.
0
davealfordIt SupportCommented:
manage network connections/right click adapter/properties/internet protocol version 4/properties will show primary IP address. Click Advanced... to see if second address added.
Alternative is to check if Routing and Remote Access is configured. If it is then it may not be configured correctly to not register IP addresses in DNS.

If only a single network adaptor with two IPs you'd need to ask why two IPs assigned. This is usually done to have multiple IPs on IIS websites etc. or multiple connectors in Exchange with different security settings.

It shouldn't really matter so long as DNS/WINS is configured to resolve as required.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
Ok I usually do this with RRAS questions because it just should not really be in place, especially if a firewall exists there are many reasons for this. I can list if you want.

We should be doing VPN at the firewall level here presuming you have one.
sonicwall, watchguard, juniper, netgear, zyxel all have built in vpn modules some even have built in ssl vpn modules.

Think you need to remove this RRAS setup from this DC.
0
JJThiartAuthor Commented:
Thanks for the feedback,

I see in server manager - routing and remote access - ipv4 - The internal interface has a IP address of 192.168.0.52,

Where in fact the server's IP address is 192.168.0.10.

The VPN was set up on the server, I didn't do it myself so I'm new to this setup
0
Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
what firewall have you got? I would just remove the thing period. There is an open rule in your firewall allowing people to connect to your domain controller.

I would personally just uninstall the RRAS role/feature and go from there.

If you dont have a firewall just buy a sonicwall tz model even the cheap one will do this they have even SSL VPN module built into them.
0
JJThiartAuthor Commented:
How do you mean there is a open rule allowing people to connect?

My problem is that we have users that connect through VPN, can I still just remove it??
0
Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
Well Ideally we will need to communicate this to them, and if at all in the mean time possible setup a new vpn on the firewall for them.

before doing anything ensure you have a firewall that will do vpn for you. what make and model is the firewall?
0
Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
in regards to the statement i made about a open rule to your dc what I mean is this.
If I knew who your company where i could whois them find out your ip potentially and then i know your RRAS port is open from anywhere in the world this is what defines open.

Something like VPN at the firewall level or SSL VPN which is technically setup wise the same difficulty level as VPN. This does not have this flaw.

I could port scan or nmap your companies IP too and get a truckload of info.
0
Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
Ye I would actually create the new vpn first in your shoes, ensure it works for all of them migrate them onto it one by one. give it a few days and remove RRAS from the server.
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.