# [SOLVED] Server can ping and RDP out back cannot be pinged or RDPed to



## 5hu7d0wn (Sep 16, 2008)

Greetings all. I've got a little problem that's turning into a *big* problem which i was hoping you may have some idea about.

I'm having problems pinging one of my servers. The thing is, there's no firewall set on the server (the firewall service hasn't been started), and the weird thing is the server can still ping and connect to other servers! I'm not sure if this may be a (the?) cause of the problem but the server in question has Remote access / VPN service setup on it aswell (hence, the reason why the firewall is not enabled). I have absolutely no idea why the previous sysadmin setup Remote access / VPN on the server and where I stand now, I'm honestly at a loss. :4-dontkno

Any help would be great guys.

TIA,
5hu7d0wn


----------



## 2xg (Aug 5, 2009)

*Re: Server can ping and RDP out back cannot be pinged or RDPed to*

Hello 5hu7d0wn and welcome to TSF!

How long you've been having this issue? Also, any windows updates installed recently? You may do a Last Known Good Config, restart the server in a convenient time Tap F8 then select Last Known Good Config and see if this resolved the issue.

Make sure that there aren't any Security software installed in your server such as McAfee, Symantec or ZoneAlarm.

I would also run Malwarebytes this just to be safe => http://download.cnet.com/Malwarebyt...4572.html?part=dl-10804572&subj=dl&tag=button

Please post back results.


----------



## 5hu7d0wn (Sep 16, 2008)

*Re: Server can ping and RDP out back cannot be pinged or RDPed to*

Thanks for the welcome and your reply, 2xgrump!

There haven't been any recent updates on the server as far as I know...not the the last month or so anyway. I tried a "last known good configuration" rollback on the server but it didn't do much. The problem was still the same. The server in question is actually a site server. It's a pain that I can't get in remotely considering RDPing doesn't work and it's some distance away from our main datacenter! :upset:

Anyhow, the guys who setup the server are long gone so i can't enquire about the VPN setup on the server. In any case, I don't see it's use. The server isn't internet facing, so I don't see the need to have the VPN setup. I initially thought it was setup to cater for a secure connection back to our Citrix farm but the logic doesn't hold. Why setup a VPN over a LAN to access network resources?? 

I'll be heading out onsite later today to remove the VPN service and then take it from there. I'll keep yous posted. I may find something of use to others, who knows?!

Cheers,
5hu7d0wn


----------



## 2xg (Aug 5, 2009)

*Re: Server can ping and RDP out back cannot be pinged or RDPed to*

You're welcome. Yes, pls. keep me posted.


----------



## 5hu7d0wn (Sep 16, 2008)

*Re: Server can ping and RDP out back cannot be pinged or RDPed to*

Hey there 2xgrump, my servers back up again!

It did have something to do with the Routing and Remote Access / VPN service (RRAS). I found out yesterday that RRAS uses the ipnat.sys driver file, which is the same file that's used for Windows Firewall/Internet Connection Sharing (ICS). Now, I'm not sure how, but I'm suspecting when RRAS was setup, the ipnat.sys file somehow enabled the firewall on the servers NIC as well as on the domain firewall profile, and blocked all incoming packets that didn't match the "criteria" defined in the RRAS configuration, to connect to the "VPN" server...does that make sense?? I'm sure the logic fits but I don't know how.... 

In any case, disabling RRAS solved the problem for me, and all the disgruntled remote users are now appeased! :smile: I'm now off to do some research on the ipnat.sys file and I'll post any interesting finds I may come across!

Thanks for your help on this though, 2xgrump, I appreciate it much!

Cheers,
5hu7d0wn


----------



## 2xg (Aug 5, 2009)

*Re: Server can ping and RDP out back cannot be pinged or RDPed to*

I'm glad that all is well now and you're very welcome. Thanks for sharing the info as well. You should make some notes for future references. It'll come handy.


----------

