kyuss2242
Technical User
- Dec 3, 2010
- 6
Hello all, Sorry I was not sure where to post this so I chose the IP forum.
I am troubleshooting an intermittent issue with remote clients dialing into a RRAS server hosted on Server 2008 R2. A few facts
1. The server is a VMware server and has NPS and RRAS running on it.
2. Before the 2008 Server we used a virtual 2003 RRAS server and we had no issues
3. If I turned the 2003 server back on and enabled RRAS clients could access the subnet that is inaccessible even though port 1723 is forwarded to the 2008 server.
4. The server has one NIC allocated to it, although it creates an internal NIC and pulls an address from the dhcp server.
5. The server sits behind a Cisco ASA 5520, port 1723 is forwarded to the RRAS server.
6. Users do not have any issues connecting to the VPN, it is intermittent issues connecting to one subnet, the 10.4.0.x/20 the other subnets have no connectivity issues.
7. It seems the majority of the times users connect to the vpn and they are unable to access the 10.4..x.x/20 network, this means they can't ping or access anything at that campus and the LYNC calls are one way as the LYNC server is hosted in the 10.4.x.x/20 subnet. However I have found that if I disconnect and reconnect a few times eventually I pull an a different address from the server that for some reason allows access to the 10.4.x.x/20. The address is always a 10.0.9.x no matter if it gets access to 10.4.x.x.
8. Our Default Gateway resides at out local ISP with 1 gig fiber connecting our two main campuses that are each approximately 20 miles from the ISP and about 40 miles from each other.
9. I realize this is a poor design and I am slowly cleaning this up after my predecessor, including replacing the PPTP/RRAS with Cisco Anyconnect and replacing the aging HP hardware with Cisco switching.
Any help you can give me would be appreciated! I am sure I am forgetting key pieces so ask any questions you need and I will try and answer them.
The RRAS server Route print:
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.2.185 261
10.0.0.0 255.255.240.0 On-link 10.0.2.185 261
10.0.2.185 255.255.255.255 On-link 10.0.2.185 261
10.0.9.106 255.255.255.255 10.0.9.106 10.0.9.231 19
10.0.9.107 255.255.255.255 10.0.9.107 10.0.9.231 19
10.0.9.111 255.255.255.255 10.0.9.111 10.0.9.231 19
10.0.9.159 255.255.255.255 10.0.9.159 10.0.9.231 19
10.0.9.231 255.255.255.255 On-link 10.0.9.231 274
10.0.15.255 255.255.255.255 On-link 10.0.2.185 261
10.0.17.0 255.255.255.0 10.0.0.6 10.0.2.185 7
10.0.18.0 255.255.255.0 10.0.0.6 10.0.2.185 7
10.0.48.0 255.255.240.0 10.0.0.5 10.0.2.185 7
10.2.16.0 255.255.240.0 10.0.0.6 10.0.2.185 7
10.3.1.0 255.255.255.0 10.0.0.6 10.0.2.185 7
10.4.0.0 255.255.240.0 10.0.0.5 10.0.2.185 7
10.4.18.0 255.255.255.0 10.0.0.5 10.0.2.185 7
10.5.0.0 255.255.255.0 10.0.0.5 10.0.2.185 7
10.5.1.0 255.255.255.0 10.0.0.5 10.0.2.185 7
10.5.3.0 255.255.255.0 10.0.0.5 10.0.2.185 7
10.10.0.0 255.255.240.0 10.0.0.6 10.0.2.185 7
10.14.0.0 255.255.240.0 10.0.0.5 10.0.2.185 7
10.50.0.0 255.255.240.0 10.0.0.6 10.0.2.185 7
10.99.0.0 255.255.240.0 10.0.0.5 10.0.2.185 7
10.104.0.0 255.255.255.252 10.0.0.6 10.0.2.185 7
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 10.0.0.5 10.0.2.185 7
192.168.36.0 255.255.255.0 10.0.0.6 10.0.2.185 7
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.2.185 261
224.0.0.0 240.0.0.0 On-link 10.0.9.231 274
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.2.185 261
255.255.255.255 255.255.255.255 On-link 10.0.9.231 274
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 10.0.0.1 Default
===========================================================================
Router print from my Workstation while connected to the VPN and unable to access 10.4.x.x
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.242.242.254 10.242.242.100 25
10.0.0.0 255.0.0.0 10.0.9.231 10.0.9.78 26
10.0.0.0 255.255.240.0 On-link 10.0.9.78 26
10.0.9.78 255.255.255.255 On-link 10.0.9.78 281
10.0.15.255 255.255.255.255 On-link 10.0.9.78 281
10.242.242.0 255.255.255.0 On-link 10.242.242.100 281
10.242.242.100 255.255.255.255 On-link 10.242.242.100 281
10.242.242.255 255.255.255.255 On-link 10.242.242.100 281
68.65.34.229 255.255.255.255 10.242.242.254 10.242.242.100 26
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.50.0 255.255.255.0 On-link 192.168.50.1 276
192.168.50.1 255.255.255.255 On-link 192.168.50.1 276
192.168.50.255 255.255.255.255 On-link 192.168.50.1 276
192.168.70.0 255.255.255.0 On-link 192.168.70.1 276
192.168.70.1 255.255.255.255 On-link 192.168.70.1 276
192.168.70.255 255.255.255.255 On-link 192.168.70.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.242.242.100 281
224.0.0.0 240.0.0.0 On-link 192.168.50.1 276
224.0.0.0 240.0.0.0 On-link 192.168.70.1 276
224.0.0.0 240.0.0.0 On-link 10.0.9.78 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.242.242.100 281
255.255.255.255 255.255.255.255 On-link 192.168.50.1 276
255.255.255.255 255.255.255.255 On-link 192.168.70.1 276
255.255.255.255 255.255.255.255 On-link 10.0.9.78 281
===========================================================================
Persistent Routes:
None
And when I am unable to:
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.242.242.254 10.242.242.100 25
10.0.0.0 255.0.0.0 10.0.9.231 10.0.9.48 26
10.0.0.0 255.255.240.0 On-link 10.0.9.48 26
10.0.9.48 255.255.255.255 On-link 10.0.9.48 281
10.0.15.255 255.255.255.255 On-link 10.0.9.48 281
10.242.242.0 255.255.255.0 On-link 10.242.242.100 281
10.242.242.100 255.255.255.255 On-link 10.242.242.100 281
10.242.242.255 255.255.255.255 On-link 10.242.242.100 281
68.65.34.229 255.255.255.255 10.242.242.254 10.242.242.100 26
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.50.0 255.255.255.0 On-link 192.168.50.1 276
192.168.50.1 255.255.255.255 On-link 192.168.50.1 276
192.168.50.255 255.255.255.255 On-link 192.168.50.1 276
192.168.70.0 255.255.255.0 On-link 192.168.70.1 276
192.168.70.1 255.255.255.255 On-link 192.168.70.1 276
192.168.70.255 255.255.255.255 On-link 192.168.70.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.242.242.100 281
224.0.0.0 240.0.0.0 On-link 192.168.50.1 276
224.0.0.0 240.0.0.0 On-link 192.168.70.1 276
224.0.0.0 240.0.0.0 On-link 10.0.9.48 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.242.242.100 281
255.255.255.255 255.255.255.255 On-link 192.168.50.1 276
255.255.255.255 255.255.255.255 On-link 192.168.70.1 276
255.255.255.255 255.255.255.255 On-link 10.0.9.48 281
===========================================================================
Persistent Routes:
None
I am troubleshooting an intermittent issue with remote clients dialing into a RRAS server hosted on Server 2008 R2. A few facts
1. The server is a VMware server and has NPS and RRAS running on it.
2. Before the 2008 Server we used a virtual 2003 RRAS server and we had no issues
3. If I turned the 2003 server back on and enabled RRAS clients could access the subnet that is inaccessible even though port 1723 is forwarded to the 2008 server.
4. The server has one NIC allocated to it, although it creates an internal NIC and pulls an address from the dhcp server.
5. The server sits behind a Cisco ASA 5520, port 1723 is forwarded to the RRAS server.
6. Users do not have any issues connecting to the VPN, it is intermittent issues connecting to one subnet, the 10.4.0.x/20 the other subnets have no connectivity issues.
7. It seems the majority of the times users connect to the vpn and they are unable to access the 10.4..x.x/20 network, this means they can't ping or access anything at that campus and the LYNC calls are one way as the LYNC server is hosted in the 10.4.x.x/20 subnet. However I have found that if I disconnect and reconnect a few times eventually I pull an a different address from the server that for some reason allows access to the 10.4.x.x/20. The address is always a 10.0.9.x no matter if it gets access to 10.4.x.x.
8. Our Default Gateway resides at out local ISP with 1 gig fiber connecting our two main campuses that are each approximately 20 miles from the ISP and about 40 miles from each other.
9. I realize this is a poor design and I am slowly cleaning this up after my predecessor, including replacing the PPTP/RRAS with Cisco Anyconnect and replacing the aging HP hardware with Cisco switching.
Any help you can give me would be appreciated! I am sure I am forgetting key pieces so ask any questions you need and I will try and answer them.
The RRAS server Route print:
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.2.185 261
10.0.0.0 255.255.240.0 On-link 10.0.2.185 261
10.0.2.185 255.255.255.255 On-link 10.0.2.185 261
10.0.9.106 255.255.255.255 10.0.9.106 10.0.9.231 19
10.0.9.107 255.255.255.255 10.0.9.107 10.0.9.231 19
10.0.9.111 255.255.255.255 10.0.9.111 10.0.9.231 19
10.0.9.159 255.255.255.255 10.0.9.159 10.0.9.231 19
10.0.9.231 255.255.255.255 On-link 10.0.9.231 274
10.0.15.255 255.255.255.255 On-link 10.0.2.185 261
10.0.17.0 255.255.255.0 10.0.0.6 10.0.2.185 7
10.0.18.0 255.255.255.0 10.0.0.6 10.0.2.185 7
10.0.48.0 255.255.240.0 10.0.0.5 10.0.2.185 7
10.2.16.0 255.255.240.0 10.0.0.6 10.0.2.185 7
10.3.1.0 255.255.255.0 10.0.0.6 10.0.2.185 7
10.4.0.0 255.255.240.0 10.0.0.5 10.0.2.185 7
10.4.18.0 255.255.255.0 10.0.0.5 10.0.2.185 7
10.5.0.0 255.255.255.0 10.0.0.5 10.0.2.185 7
10.5.1.0 255.255.255.0 10.0.0.5 10.0.2.185 7
10.5.3.0 255.255.255.0 10.0.0.5 10.0.2.185 7
10.10.0.0 255.255.240.0 10.0.0.6 10.0.2.185 7
10.14.0.0 255.255.240.0 10.0.0.5 10.0.2.185 7
10.50.0.0 255.255.240.0 10.0.0.6 10.0.2.185 7
10.99.0.0 255.255.240.0 10.0.0.5 10.0.2.185 7
10.104.0.0 255.255.255.252 10.0.0.6 10.0.2.185 7
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 10.0.0.5 10.0.2.185 7
192.168.36.0 255.255.255.0 10.0.0.6 10.0.2.185 7
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.2.185 261
224.0.0.0 240.0.0.0 On-link 10.0.9.231 274
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.2.185 261
255.255.255.255 255.255.255.255 On-link 10.0.9.231 274
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 10.0.0.1 Default
===========================================================================
Router print from my Workstation while connected to the VPN and unable to access 10.4.x.x
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.242.242.254 10.242.242.100 25
10.0.0.0 255.0.0.0 10.0.9.231 10.0.9.78 26
10.0.0.0 255.255.240.0 On-link 10.0.9.78 26
10.0.9.78 255.255.255.255 On-link 10.0.9.78 281
10.0.15.255 255.255.255.255 On-link 10.0.9.78 281
10.242.242.0 255.255.255.0 On-link 10.242.242.100 281
10.242.242.100 255.255.255.255 On-link 10.242.242.100 281
10.242.242.255 255.255.255.255 On-link 10.242.242.100 281
68.65.34.229 255.255.255.255 10.242.242.254 10.242.242.100 26
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.50.0 255.255.255.0 On-link 192.168.50.1 276
192.168.50.1 255.255.255.255 On-link 192.168.50.1 276
192.168.50.255 255.255.255.255 On-link 192.168.50.1 276
192.168.70.0 255.255.255.0 On-link 192.168.70.1 276
192.168.70.1 255.255.255.255 On-link 192.168.70.1 276
192.168.70.255 255.255.255.255 On-link 192.168.70.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.242.242.100 281
224.0.0.0 240.0.0.0 On-link 192.168.50.1 276
224.0.0.0 240.0.0.0 On-link 192.168.70.1 276
224.0.0.0 240.0.0.0 On-link 10.0.9.78 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.242.242.100 281
255.255.255.255 255.255.255.255 On-link 192.168.50.1 276
255.255.255.255 255.255.255.255 On-link 192.168.70.1 276
255.255.255.255 255.255.255.255 On-link 10.0.9.78 281
===========================================================================
Persistent Routes:
None
And when I am unable to:
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.242.242.254 10.242.242.100 25
10.0.0.0 255.0.0.0 10.0.9.231 10.0.9.48 26
10.0.0.0 255.255.240.0 On-link 10.0.9.48 26
10.0.9.48 255.255.255.255 On-link 10.0.9.48 281
10.0.15.255 255.255.255.255 On-link 10.0.9.48 281
10.242.242.0 255.255.255.0 On-link 10.242.242.100 281
10.242.242.100 255.255.255.255 On-link 10.242.242.100 281
10.242.242.255 255.255.255.255 On-link 10.242.242.100 281
68.65.34.229 255.255.255.255 10.242.242.254 10.242.242.100 26
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.50.0 255.255.255.0 On-link 192.168.50.1 276
192.168.50.1 255.255.255.255 On-link 192.168.50.1 276
192.168.50.255 255.255.255.255 On-link 192.168.50.1 276
192.168.70.0 255.255.255.0 On-link 192.168.70.1 276
192.168.70.1 255.255.255.255 On-link 192.168.70.1 276
192.168.70.255 255.255.255.255 On-link 192.168.70.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.242.242.100 281
224.0.0.0 240.0.0.0 On-link 192.168.50.1 276
224.0.0.0 240.0.0.0 On-link 192.168.70.1 276
224.0.0.0 240.0.0.0 On-link 10.0.9.48 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.242.242.100 281
255.255.255.255 255.255.255.255 On-link 192.168.50.1 276
255.255.255.255 255.255.255.255 On-link 192.168.70.1 276
255.255.255.255 255.255.255.255 On-link 10.0.9.48 281
===========================================================================
Persistent Routes:
None