| Author |
Message |
Scott
Guest
|
 Posted:
Thu Nov 10, 2005 9:48 am Post subject:
Ip Restricted |
|
|
Hi all,
I have a perplexing problem, which I have been unable to chase down
yet, and I thought someone here may have come across it themselves.
On a network at one of our client clients, every now and then, one of the
PC's on the LAN/WAN fails to be able to ping (or communicate in any way
with) one of our servers.
The machine can ping any other Server/PC/Printer on the Lan or WAN (There's
3 sites linked with IPSEC over Internet via routers), but cannot communicate
at all with the Terminal server.
The Terminal server is setup very basic, in Terminal server application
mode, using Windows 2003 server Standard Edition (SP1).
I have tried all sorts of things on the client PC (Most recently having
probs) including renewing the DHCP, setting TCP/IP to defaults with the
NETSH command etc etc. but with no success
There is no log in the server (Event Viewer), or the routers indicating
anything going on here.
Here's the thing though. If I manually set the IP address of the PC to a
DIFFERENT IP address, with all other settings set identically, then the
problem goes away!
Whilst this is a quick and easy work-around, I have had to do this to
several machines now, and would rather not have to track these fixed IP's in
order to avoid conflicts.
We have not configured IIS or anything on this server, but it sort of smells
like that type of problem. It looks as though 'something' is taking offense
to a machine, and blocking it's access to this server completely based on
it's IP address.
The only other thing to note is that I'm 'pretty sure' that this is
happening immediately after a PC gets dropped of f(ie. goes to a
'disconnected' state) a Terminal session unexpectedly. (eg. The internet
drops out momentarily or some such thing)
Any help or suggestions would be greatly appreciated.
Thanks in advance!
Scott |
|
| Back to top |
|
 |
Steven L Umbach
Guest
|
| Posted:
Thu Nov 10, 2005 9:51 am Post subject:
Re: Ip Restricted |
|
|
It sounds like the TS is doing some sort of IP filtering. First thing I
would check is the Windows Firewall to see
if it has any restrictions configured for the scope for port 3389 TCP if it
is enabled. The other thing to check is to see
if any ipsec policy is configured on the TS server. The mmc two snapins for
IP Security will show what ipsec policy
is enabled if any and the filter configurations for the ipsec policy.
Booting into Safe Mode with networking for the
TS server may also be worth a try. If nothing can be found I would try
changing the network adapter on the TS server
to see if that helps. Any other firewall/router in that path between
clients and server could be suspect in that IP filtering
is being done. --- Steve
"Scott" <someone@microsoft.com> wrote in message
news:%23Ctchma5FHA.2816@tk2msftngp13.phx.gbl...
| Quote: | Hi all,
I have a perplexing problem, which I have been unable to chase down
yet, and I thought someone here may have come across it themselves.
On a network at one of our client clients, every now and then, one of the
PC's on the LAN/WAN fails to be able to ping (or communicate in any way
with) one of our servers.
The machine can ping any other Server/PC/Printer on the Lan or WAN
(There's 3 sites linked with IPSEC over Internet via routers), but cannot
communicate at all with the Terminal server.
The Terminal server is setup very basic, in Terminal server application
mode, using Windows 2003 server Standard Edition (SP1).
I have tried all sorts of things on the client PC (Most recently having
probs) including renewing the DHCP, setting TCP/IP to defaults with the
NETSH command etc etc. but with no success
There is no log in the server (Event Viewer), or the routers indicating
anything going on here.
Here's the thing though. If I manually set the IP address of the PC to a
DIFFERENT IP address, with all other settings set identically, then the
problem goes away!
Whilst this is a quick and easy work-around, I have had to do this to
several machines now, and would rather not have to track these fixed IP's
in order to avoid conflicts.
We have not configured IIS or anything on this server, but it sort of
smells like that type of problem. It looks as though 'something' is taking
offense to a machine, and blocking it's access to this server completely
based on it's IP address.
The only other thing to note is that I'm 'pretty sure' that this is
happening immediately after a PC gets dropped of f(ie. goes to a
'disconnected' state) a Terminal session unexpectedly. (eg. The internet
drops out momentarily or some such thing)
Any help or suggestions would be greatly appreciated.
Thanks in advance!
Scott
|
|
|
| Back to top |
|
|
S. Pidgorny
Guest
|
| Posted:
Thu Nov 10, 2005 1:50 pm Post subject:
Re: Ip Restricted |
|
|
Yes - I'd run network captures at each hop to find out where the traffic
gets lost.
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-
"Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
news:%232$s%23Xb5FHA.2628@TK2MSFTNGP11.phx.gbl...
| Quote: | It sounds like the TS is doing some sort of IP filtering. First thing I
would check is the Windows Firewall to see
if it has any restrictions configured for the scope for port 3389 TCP if
it is enabled. The other thing to check is to see
if any ipsec policy is configured on the TS server. The mmc two snapins
for IP Security will show what ipsec policy
is enabled if any and the filter configurations for the ipsec policy.
Booting into Safe Mode with networking for the
TS server may also be worth a try. If nothing can be found I would try
changing the network adapter on the TS server
to see if that helps. Any other firewall/router in that path between
clients and server could be suspect in that IP filtering
is being done. --- Steve
|
|
|
| Back to top |
|
|
Scott
Guest
|
| Posted:
Fri Nov 11, 2005 1:50 am Post subject:
Re: Ip Restricted |
|
|
Thanks guys, I'll check all of that out!
"S. Pidgorny <MVP>" <slavickp@yahoo.com> wrote in message
news:%23maaMNe5FHA.620@TK2MSFTNGP12.phx.gbl...
| Quote: | Yes - I'd run network captures at each hop to find out where the traffic
gets lost.
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-
"Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
news:%232$s%23Xb5FHA.2628@TK2MSFTNGP11.phx.gbl...
It sounds like the TS is doing some sort of IP filtering. First thing I
would check is the Windows Firewall to see
if it has any restrictions configured for the scope for port 3389 TCP if
it is enabled. The other thing to check is to see
if any ipsec policy is configured on the TS server. The mmc two snapins
for IP Security will show what ipsec policy
is enabled if any and the filter configurations for the ipsec policy.
Booting into Safe Mode with networking for the
TS server may also be worth a try. If nothing can be found I would try
changing the network adapter on the TS server
to see if that helps. Any other firewall/router in that path between
clients and server could be suspect in that IP filtering
is being done. --- Steve
|
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in