Re: VPN connection working intermittently

Tech-Archive recommends: Fix windows errors by optimizing your registry

Hi

First of all you should check to see if you installed all post-SP2 updates
on SBS. Also download and run SBS Best Practices Analyser.

Even with all the post-SP2 updates installed, I have been experiencing the
exact same problem. I took some steps that seem to have helped reduce the
problem:
- Go into device manager and Manually disable TCP/IP Chimney/offloading
and Large Send Offload on the properties of each network card.
- If you are using a router to connect the ISA Server to Internet check
to see if the router has a built-in firewall. Mine had, and I disabled it.
- In my case it also helped updating router firmware and disabling DOS
protection on firewall of the client's router.
With this I seem to have been able to fix the exact same symptoms you
entioned (I'm still troubeshooting though to make sure it's REALLY solved).
Some clients are still experiencing the issue but I believe that those
particular clients are experiencing it because of faulty network cabling.

I actually got some support from the MS support which were great. You can
check out their tips for this problem at
http://groups.google.pt/group/microsoft.public.windows.server.sbs/browse_thread/thread/7f5ecf44dbca9963/c20d0a72875311f7?hl=pt-PT&lnk=st&q=pedro+vpn+connection+isa+server#c20d0a72875311f7

Can you also please point out the software you are running on the server? I
was also suspecting it could be AV related.
I'm running Symantec Antivirus Corporate Edition 10.1.6 and Symantec Mail
Security For Exchange v5. Are you running those too?

Pedro R.


<Patrick.Labbett@xxxxxxxxx> escreveu na mensagem
news:b66ecaf9-deff-49a3-945e-8b9de475f112@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
We are running SBS 2003 using RAS / ISA for VPN connectivity. We have
very random times when the connection will actually work. It seems to
get worse with time as well. Clients are able to connect
(authenticate, send bytes) but will not receive any response
(typically they will receive back 300-600 bytes and then stop) back
from the server. On the server side, viewing the connection through
the RAS server shows the same number of bytes being sent, but no more.
Occasionaly it will start working again and can remain working until
their use is done (i.e. 8 hour shift), othertimes it will fail
anywhere repeatig from immediately to 2 hours of connectivity

RAS is set to use DHCP and the ISA functionality was setup properly as
well (I have verified this many times via tutorials, examples, and
many hours of microsoft technet reading).

Our network seems to be communicating properly. The IP addresses are
assigned and gateway's on the vpn client are showing up. When the
connection does work, internal resources are all available (including
named i.e. dns, which I am inferring means ISA is setup properly for
allowances). Traffic does not seem to be a cause as I have tested this
during high bandwidth times and times of almost no other traffic. The
success rate remains the same.

A couple of weeks ago we got to the point that nobody could connect
for more than a few minutes. Then some clients worked fine while
others failed. Finally, I disabled and re-configured the RAS server
and ISA server, and everything worked very well for about 2 weeks. (We
were able to keep all of our remote clients connected reliably with
occasional disconnects but otherwise they got and stayed connected).
We are now getting back to the point where almost nobody can connect
for more than a few minutes. It will just stop receiving on the client
side and the server side shows nothing is being sent via the RAS
interface.

I have dilligently went through and verified all of my RAS and ISA
settings. It mostly seems to be in order.

Any ideas on what could be causing this? I have ruled out firewalls on
the client side, and I am sure our hardware firewall is fine. This
leads me to believe it's on the server.

At one point, we had luck in killing the w3wproxy process and then
manually restarting it which allowed access again. (I am still
unconvinced this is a direct cause of letting the vpn work again)

Please, help.

Patrick Labbett


.

Relevant Pages

  • RE: No internet for clients
    ... I understand that the internal clients ... Please rerun the CEICW to make sure your SBS 2003 server have right ... How to configure Internet access in Windows Small Business Server 2003 ... Two network adapters - manual router connection to broadband ...
    (microsoft.public.windows.server.sbs)
  • RE: SBS VPN connects but no shares..
    ... VPN clients can no longer access internal resources after you install ... Windows Server 2003 Service Pack 1 on a computer that is running ISA Server ... How to configure a VPN connection to your corporate network in Windows XP ...
    (microsoft.public.windows.server.sbs)
  • Re: Problem
    ... the remote site and see if they have the connection manager installed. ... So...whichever is easier to set up on the router. ... location B need to connect individually via VPN to the SBS server at ... server - not sure of the clients ip scheme - but I think it is ...
    (microsoft.public.windows.server.sbs)
  • RE: Cant remote desktop to clients connected via VPN
    ... that the VPN connection works well. ... that RDP does not work to clients connected via VPN (to all other clients it ... > the SBS 2003, but from your IP configuration, I found your DNS server is ...
    (microsoft.public.windows.server.sbs)
  • RE: Clients are losing connection to the server.
    ... Thank you for posting in the SBS newsgroup. ... I understand that clients are losing ... connection to the SBS 2003 SP1 Server. ... 825763 How to configure Internet access in Windows Small Business Server ...
    (microsoft.public.windows.server.sbs)