Re: Strange problem with opening a network place could be ISA 2004 or XP SP2 Problem



Dear Theo:
Some supplements.

Since the error may be recorded in the ISA logs, please also help to gather
the ISA logs:

1) Schedule a down time.

2) Open ISA 2004 management console.

3) Expand the server node and highlight 'Monitoring'.

4) In the right pane, switch to the 'Logging' tab, make sure the 'Task
Pane' is shown there.

5) In the 'Task Pane', click 'Configure Firewall Logging' under 'Logging
Tasks', and then switch the 'log storage format' from 'MSDE database'
(default) to 'File'.

6) Switch to the 'Fields' tab, click 'Select All', and then click OK.

7) In the 'Task Pane', click 'Configure Web Proxy Logging' under 'Logging
Tasks', and then switch the 'log storage format' from 'MSDE database'
(default) to 'File'.

8) Switch to the 'Fields' tab, click 'Select All', and then click OK.

9) Click 'Apply' to save changes and update the configuration.

10) Temporarily disable the Firewall service. To do that, please click
Monitoring | Services tab, and then right click 'Microsoft Firewall' to
choose 'Stop'.

11) Clear the current existing W3C logs. To do that, go to the log saving
directory and clean any existing .W3C logs. By default, the logs will be
saved to 'C:\Program Files\Microsoft ISA Server\ISALogs'. (Some MDF files
may not be able to be deleted; that's normal.) You may back them up first
and then delete them.

12) Go back to the ISA 2004 management console, and then Start the stopped
'Microsoft Firewall' service.

13) Reproduce the problem, stop the service, and then gather the resulting
W3C files to me for analysis.

14) Please also let me know the IP address of the testing client and the
remote server/Linux firewall so that I can filter the data.

Have a nice day! :)

Best Regards
Edward Tian(MSFT)
Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| From: "Theo" <theo@xxxxxxxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| Subject: Re: Strange problem with opening a network place could be ISA 2004 or XP SP2 Problem
| Date: Thu, 22 Sep 2005 10:41:56 +0100
|
| Hi Edward
| Thanks for your response.
| Yes you understand the topology correctly
| 1, The VPN connection was created manually (using the add a new connection
| wizard on WXP) - I did not know that the remote access wizard would do the
| job and would like to know how to use it in future if you could point me at
| some guidance notes.
| On with the current problem:
| 2, Disabling the firewall client has no effect (But another BTW I find that
| I have to disable the firewall client to get Remote desk top over VPN to
| work, I appreciate it is not relevant to this issue because we have to do
| this on any remote desktop session over VPN but I would like to know if this
| is as expected)
| 3, Yes we can ping the remote server once VPN is established but no using
| Run \\IP address\share name does not work.
| 4, Yes it occurs on all XP workstations but I have not tested it straight
| through the router yet. I will do that over the weekend and report back.
| 5, Yes the same problem occurs if we try to access the share from the ISA
| Server (VPN - network place)
| 6, I'll try to talk to the Linux firewall supplier
| 7, The event viewer on the XP workstations shows the three events I posted
| originally - Interestingly the server has a different error as follows:
| Event Type: Error
| Event Source: DCOM
| Event Category: None
| Event ID: 10016
| Date: 22/09/2005
| Time: 10:28:58
| User: NT AUTHORITY\NETWORK SERVICE
| Computer: MITWS
| Description:
| The application-specific permission settings do not grant Local Activation
| permission for the COM Server application with CLSID
| {BA126AD1-2166-11D1-B1D0-00805FC1270E}
| to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security
| permission can be modified using the Component Services administrative tool.
| After the VPN is disconnected W32Time appears to resync.
| 8, I'll do the IP config all at the weekend also.
|
| Thanks for your help Edward
|
| "Edward Tian" <v-edtian@xxxxxxxxxxxxxxxxxxxx> wrote in message
| news:5f3x3clvFHA.3020@xxxxxxxxxxxxxxxxxxxxxxxx
| > Dear Theo:
| > Thanks for posting here. Glad to see you again.
| >
| > From the description, I understand that after you established the VPN
| > connection to a Linux firewall based VPN server, you cannot open the
| > network place on the remote SBS Server, but you can RDP to the server from
| > the internal XP client. Your internal network is protected by the ISA
| > Server 2004. If I have misunderstood your concern, please feel free to let
| > me know.
| >
| > Here I assume the network diagram as following:
| > XP clients---SBS2003/ISA2004---Router-----Internet------Linux Firewall-----SBS2000
| >
| > Please correct me if the topology is not the exact one.
| >
| > First please make sure you have set the correct permissions on these
| > shared folders to allow access from specific users. Try accessing the
| > shared folder using a domain administrator account, does the problem occur?
| >
| > To narrow down this issue, please help to gather the following
| > information:
| > 1. Can you tell me if you are using the Remote Access Wizard or manually
| > create the VPN connection? Which connection type do you use, PPTP or L2TP?
| >
| > 2. Please try disabling the ISA firewall client on the XP workstation,
| > then establish the VPN connection again and access the shared folder on
| > the remote SBS 2000 server. Does the problem persist?
| >
| > 3. Once the VPN connection is established, can you ping the IP address or
| > the computer name of the SBS 2000 Server from the XP client? If so, click
| > Start->Run, type \\<IP address of the SBS2000>\shared folder, can you
| > access the shares on the SBS box?
| >
| > 4. Does this problem occur on all the XP workstations? Please put a laptop
| > directly connected to the Router/Modem (in front of the ISA Server), and
| > then establish the VPN connection again, does the problem persist? This
| > will help to confirm if the corresponding packets were dropped by the ISA
| > Server.
| >
| > 5. Does this problem occur if you access the shares from the ISA Server
| > 2004 itself?
| >
| > 6. Since I have limited knowledge on Linux Firewall, if possible, could
| > you temporarily try to establish the VPN connection directly to the SBS
| > 2000 Server? Based on my research, the ISA Server cannot work well with
| > some hardware VPN Servers in some cases. (The VPN connection uses CALL ID
| > to acknowledge the two-way communication, some hardware firewall will
| > change this CALL ID unexpectedly so that the related packet will be
| > dropped by ISA due to the inconsistent CALL ID.)
| >
| > 7. Please double check the Event Viewer to see if there is any related
| > event log. If any, please post it to me in the reply for further analysis.
| >
| > 8. Once the VPN connection is established, please type ipconfig/all on
| > both the XP client side and the remote SBS 2000 side, and then send the
| > output to me.
| >
| > I appreciate your time to perform the test. Please feel free to let me
| > know if you have any questions or concerns.
| >
| > Have a nice day! :)
| >
| > Best Regards
| > Edward Tian(MSFT)
| > Microsoft CSS Online Newsgroup Support
| >
| > --------------------
| > | From: "Theo" <theo@xxxxxxxxxxxxxxxxxxxxxxxxx>
| > | Newsgroups: microsoft.public.windows.server.sbs
| > | Subject: Strange problem with opening a network place could be ISA 2004 or XP SP2 Problem
| > | Date: Tue, 20 Sep 2005 13:10:46 +0100
| > |
| > | We cannot open (or create anew) network place on a remote server which
| > | we usually do by opening a VPN to the remote server and then using the
| > | network place wizard.
| > | We are behind an SBS 2003 server with SP1 and ISA 2004 the remote server
| > | is SBS 2000 and has Linux based firewall on a separate PC.
| > | We make the VPN connection to the Linux firewall PC from which we can
| > | the remote desktop into the server. When instead of the remote desktop we
| > | try to open a share using the network place wizard (\\servername or
| > | IP\share name) we get a failure that we might not have correct
| > | permissions and when we try to create a new network place we get a
| > | failure that the share name is invalid. On the PC from which we are
| > | trying to do this (which is XP SP2 with the ISA 2004 client installed) we
| > | get the following event log errors in the system log.
| > | Event Type: Warning
| > | Event Source: Tcpip
| > | Event Category: None
| > | Event ID: 4226
| > | Date: 20/09/2005
| > | Time: 12:34:40
| > | User: N/A
| > | Computer: xxxxxx
| > | Description:
| > | TCP/IP has reached the security limit imposed on the number of
| > | concurrent TCP connect attempts.
| > |
| > | For more information, see Help and Support Center at
| > | http://go.microsoft.com/fwlink/events.asp.
| > | Data:
| > | 0000: 00 00 00 00 01 00 54 00 ......T.
| > | 0008: 00 00 00 00 82 10 00 80 ....,..?
| > | 0010: 01 00 00 00 00 00 00 00 ........
| > | 0018: 00 00 00 00 00 00 00 00 ........
| > | 0020: 00 00 00 00 00 00 00 00 ........
| > |
| > | Event Type: Warning
| > | Event Source: LSASRV
| > | Event Category: SPNEGO (Negotiator)
| > | Event ID: 40961
| > | Date: 20/09/2005
| > | Time: 12:18:43
| > | User: N/A
| > | Computer: xxxxxx
| > | Description:
| > | The Security System could not establish a secured connection with the
| > | server cifs/servername. No authentication protocol was available.
| > |
| > | For more information, see Help and Support Center at
| > | http://go.microsoft.com/fwlink/events.asp.
| > |
| > | And sometimes
| > | Event Type: Warning
| > | Event Source: Kerberos
| > | Event Category: None
| > | Event ID: 14
| > | Date: 20/09/2005
| > | Time: 12:12:30
| > | User: N/A
| > | Computer: xxxxxx
| > | Description:
| > | There were password errors using the Credential Manager. To remedy,
| > | launch the Stored User Names and Passwords control panel applet, and
| > | reenter the password for the credential Domain\UserName.
| > |
| > | For more information, see Help and Support Center at
| > | http://go.microsoft.com/fwlink/events.asp.
| > | Data:
| > | 0000: 64 00 00 c0 d..À
| > |
| > | Re-entering the password makes no difference and technet is threadbare
| > | on these errors.
| > | Any help would be greatly appreciated.
| > | Theo
| > |
| > |
| > |
| > |
| >
|
|
|
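
The log-gathering steps in the top reply end with narrowing the collected W3C files to the test client and the remote server/Linux firewall. The sketch below is an added example, not part of the original posts and not a Microsoft tool: it reads W3C extended-format text, follows each `#Fields:` directive, and keeps only records exchanged between two addresses. The field names `source` and `destination`, the `IP:port` layout and every sample value are assumptions constructed for illustration.

```python
import io

# Constructed sample in W3C extended log layout (tab-separated, "#" directives).
# Field names, actions and addresses are illustrative, not from a real ISA log.
SAMPLE_LOG = (
    "#Software: Constructed sample\n"
    "#Version: 1.0\n"
    "#Fields: date\ttime\tsource\tdestination\taction\n"
    "2005-09-22\t09:28:51\t192.168.16.20:1045\t203.0.113.10:1723\tEstablish\n"
    "2005-09-22\t09:28:55\t192.168.16.31:1101\t198.51.100.7:80\tEstablish\n"
    "2005-09-22\t09:28:58\t192.168.16.20:1046\t203.0.113.10:445\tDenied\n"
    "#Fields: date\ttime\taction\tsource\tdestination\n"
    "2005-09-22\t09:29:02\tDenied\t203.0.113.10:445\t192.168.16.20:1046\n"
)

def parse_w3c(stream):
    """Yield one dict per record, honouring every #Fields directive seen."""
    fields, sep = None, None
    for raw in stream:
        line = raw.rstrip("\r\n")
        if not line:
            continue
        if line.startswith("#"):
            if line.lower().startswith("#fields:"):
                spec = line.split(":", 1)[1].strip()
                sep = "\t" if "\t" in spec else None  # None = any whitespace
                fields = spec.split(sep)
            continue
        if fields is None:
            continue  # data before any #Fields line cannot be interpreted
        values = line.split(sep)
        if len(values) != len(fields):
            continue  # truncated record, e.g. service stopped mid-write
        yield dict(zip(fields, values))

def host(addr):
    """Strip a trailing :port from an IPv4 address, if present."""
    return addr.rsplit(":", 1)[0] if ":" in addr else addr

def between(records, client_ip, remote_ip, src="source", dst="destination"):
    """Keep records whose two endpoints are exactly the given pair."""
    pair = {client_ip, remote_ip}
    return [r for r in records
            if {host(r.get(src, "")), host(r.get(dst, ""))} == pair]

def conversation(text, client_ip, remote_ip):
    """Parse log text and return the records between the two addresses."""
    return between(parse_w3c(io.StringIO(text)), client_ip, remote_ip)
```

For a real capture, pass the opened log file to `parse_w3c` and set `src`/`dst` to whatever names appear in that file's own `#Fields:` line.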
