Re: VPN generates Internal Network logon problem
- From: Surfarn <Surfarn@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sun, 22 Oct 2006 03:26:01 -0700
Hi!
I wonder if you find any solution in this matter? I experience the same
problems. I have one laptop running VPN and as long as he just do that and
not connect his laptop to the local network locally it works fine. But when
he is in the network it si painfully slow and the exchangeserver almost
stands still with the communication to the server. Have the same ID number
registered in the DNS eventviewer 4004 and 4015. I'm runnuning a SBS 2003
server Standard with the inbuilt firewall. XP on the clients and outlook2003.
The laptop is running a 3G card.
Do you think i helps to change to an external firewall?
Greatful for help
surfarn
""Crina Li"" wrote:
Hi Allan,.
Thanks for your update.
It is OK. Hope we can solve the issue in the future.
Thanks for your time.
Best regards,
Crina Li (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: "Allan Sabiski" <allans*nospam*@ics-limited.com>
| References: <uJXH3h4pGHA.4368@xxxxxxxxxxxxxxxxxxxx>
<76niBHXqGHA.5740@xxxxxxxxxxxxxxxxxxxxx>
| Subject: Re: VPN generates Internal Network logon problem
| Date: Mon, 17 Jul 2006 17:45:03 -0400
| Lines: 196
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2869
| X-RFC2646: Format=Flowed; Original
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869
| Message-ID: <#D9VOpeqGHA.2464@xxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: 66.153.88.130
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP03.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:282087
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Crina,
| Thank you for the response. I have verified the settings, however I have
not
| made the requested steps until clarification.
| Previously I tried without success Steps C,D, and F. I did not do Step B
| since I did not find any domain.local under the MicrosoftDNS and since
| deleting domain.local from the main tree is rather radical I wanted
| clarification.
|
|
| See In-Line Responses
| Allan
|
| ""Crina Li"" <v-crinal@xxxxxxxxxxxxxxxxxxxx> wrote in message
| news:76niBHXqGHA.5740@xxxxxxxxxxxxxxxxxxxxxxxx
| > Hi Allan,
| >
| > Thank you for posting in SBS newsgroup.
| >
| > I am sorry for the delayed response due to weekend. Please understand
that
| > the newsgroups are staffed weekdays by Microsoft Support professionals
to
| > answer your systems and applications questions. Your understanding is
| > greatly appreciated!
| >
| > From your description, I understand the issue to be: the internal net
| > logon
| > turns slow after someone VPN to SBS. After a rebooting, the issue
| > disappears. However there are 4004 and 4015 DNS errors in the event log.
| > If
| > I have misunderstood your concerns, please do not hesitate to let me
know.
| >
| > As I know, 4004 and 4015 could be caused by various network
| > mis-configurations. I would suggest using the CEICW to default the
network
| > configuration.
| >
| > 825763 How to configure Internet access in Windows Small Business Server
| > 2003
| > http://support.microsoft.com/?id=825763
| >
| > In addition, you could check the following settings to confirm network
| > configuration. Regarding the slow logon issue, please make sure the
| > clients
| > are pointing to only the SBS server.
| >
| > For 2 NICs on SBS:
| **** Yes
| >
| > On SBS server:
| >
| > External NIC:
| > IP: assigned by your ISP or your hardware router *****Hardware router
| > address
| > Gateway: your ISP or your Hardware router IP *****Hardware router
IP
| > DNS: SBS INTERNAL NIC IP as the only entry ***** Internal NIC only
| >
| > Internal NIC:
| > IP: Fixed IP ***** Fixed IP
| > Gateway: None *****None
| > DNS: SBS INTERNAL NIC IP as the only entry ****Internal NIC IP Only
| >
| > In the DNS console (dnsmgmt.msc), right click your ServerName and click
| > properties. In the Forwarders tab, your ISP DNS server IP should be
| > inputted there. ****Dns Addresses Verfied
| >
| > On workstation inside your SBS local subnet
| >
| > IP: Assigned by DHCP on SBS *****DHCP
| > Gateway: SBS internal NIC IP *****From DHCP
| > DNS: SBS INTERNAL NIC IP as the only entry ********DNS Obtained
| > Automatically
| >
| > Also the events 4004 and 4015 may be logged if the DNS zone information
is
| > corrupted. Let's perform these steps:
| >
| > A. Open Active Directory Users and Computers, click View, Advanced.
| > *******OK
| > B. Expand domain.local -> System -> MicrosoftDNS and delete
domain.local.
| > *******There is no domain.local under MicrosoftDNS !!!! See Attachment
|
|
| > C. Open the DNS console, expand Forward Lookup Zones.
| > D. Click _msdcs.domain.local and delete the Alias for
| > sbsserver.domain.local (the long GUID entry).
| >
| > NOTE: If the _msdcs folder is missing under domain.local, please create
a
| > new delegation: Right-click domain.local, select new, then delegation,
| > click next on the wizard, under delegated domain, type in _msdcs and
click
| > next, click Add and browse to the server's A record under Forward Lookup
| > Zones, domain.local, click OK and Finish.
| >
| > F. Run these commands:
| >
| > ipconfig /flushdns
| > ipconfig /registerdns
| >
| > net stop netlogon
| > net start netlogon
| >
| > net stop dns
| > net start dns
| >
| > And then check if the events 4015 and 4004 are still being logged.
| >
| > I appreciate your time and look forward to hearing from you.
| >
| > Best regards,
| >
| > Crina Li (MSFT)
| >
| > Microsoft CSS Online Newsgroup Support
| >
| > Get Secure! - www.microsoft.com/security
| >
| > =====================================================
| > This newsgroup only focuses on SBS technical issues. If you have issues
| > regarding other Microsoft products, you'd better post in the
corresponding
| > newsgroups so that they can be resolved in an efficient and timely
manner.
| > You can locate the newsgroup here:
| > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| >
| > When opening a new thread via the web interface, we recommend you check
| > the
| > "Notify me of replies" box to receive e-mail notifications when there
are
| > any updates in your thread. When responding to posts via your
newsreader,
| > please "Reply to Group" so that others may learn and benefit from your
| > issue.
| >
| > Microsoft engineers can only focus on one issue per thread. Although we
| > provide other information for your reference, we recommend you post
| > different incidents in different threads to keep the thread clean. In
| > doing
| > so, it will ensure your issues are resolved in a timely manner.
| >
| > For urgent issues, you may want to contact Microsoft CSS directly.
Please
| > check http://support.microsoft.com for regional support phone numbers.
| >
| > Any input or comments in this thread are highly appreciated.
| >
| > =====================================================
| >
| > This posting is provided "AS IS" with no warranties, and confers no
| > rights.
| > --------------------
| > | From: "Allan Sabiski" <allans*nospam*@ics-limited.com>
| > | Subject: VPN generates Internal Network logon problem
| > | Date: Fri, 14 Jul 2006 16:59:56 -0400
| > | Lines: 24
| > | X-Priority: 3
| > | X-MSMail-Priority: Normal
| > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2869
| > | X-RFC2646: Format=Flowed; Original
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869
| > | Message-ID: <uJXH3h4pGHA.4368@xxxxxxxxxxxxxxxxxxxx>
| > | Newsgroups: microsoft.public.windows.server.sbs
| > | NNTP-Posting-Host: 66.153.88.130
| > | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP05.phx.gbl
| > | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:281488
| > | X-Tomcat-NG: microsoft.public.windows.server.sbs
| > |
| > | We have a SBS2003 premium with ISA 2004.
| > |
| > | Most times, whenever someone logs in and out via VPN, existing
| > connections
| > | seem to be fine, however, when a client logs in after the VPN
| > connection,
| > | then the NETLOGON process (and all other authentication) is painfully
| > slow.
| > | DHCP seems to also sometimes fail to generate a DHCP address to the
| > client.
| > |
| > | When the problem exists, there are no error messages reported at the
| > server,
| > | the server health status seems to be fine.
| > |
| > | The problem is cleared by rebooting the server and clients. This does
| > seem
| > | to show some DNS error records. 4004 Unable to complete directory
| > service
| > | enumeration and 4015 DNS server encountered a critical error from the
| > Active
| > | Directory extended error 51.
| > |
| > | Under normal circumstances without using VPN there seem to be no
errors
| > and
| > | everything runs normal.
| > |
| > | Any ideas where to start looking ?
| > |
| > | Thanx
| > | Allan
| > |
| > |
| > |
| >
|
|
|
|
- Follow-Ups:
- Re: VPN generates Internal Network logon problem
- From: "Crina Li"
- Re: VPN generates Internal Network logon problem
- Prev by Date: Re: Outlook RPC over HTTP
- Next by Date: Re: Anybody know of more recent information
- Previous by thread: Vista and SBS2003
- Next by thread: Re: VPN generates Internal Network logon problem
- Index(es):
Relevant Pages
|
Loading
