Q199971: XCON: Troubleshooting Dynamic RAS Connector (TCP/IP)
Article: Q199971
Product(s): Microsoft Exchange
Version(s): winnt:4.0,5.0,5.5
Operating System(s):
Keyword(s): exc4 exc5 exc55
Last Modified: 11-JUN-2002
-------------------------------------------------------------------------------
The information in this article applies to:
- Microsoft Exchange Server, versions 5.5, 4.0, 5.0
-------------------------------------------------------------------------------
IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:
Q256986 Description of the Microsoft Windows Registry
SUMMARY
=======
This document provides troubleshooting suggestions for the Exchange Server
Dynamic RAS Connector that is configured to use TCP/IP. It can help you isolate
any misconfiguration issues or breakdowns in the functionality of the underlying
components needed by the connector.
MORE INFORMATION
================
Most reported problems with the Dynamic RAS Connector end up being either a
basic configuration issue, a failure in RAS connectivity, or an underlying
problem with network functionality over RAS (especially name resolution or
remote procedure call [RPC] problems).
Troubleshooting steps are presented below in four phases from the most basic to
the more complex.
Most reported failed connections fall into the following type of symptoms. The
local modem dials and connects to the remote modem. Some data is exchanged but
then the modem hangs up. This pattern is repeated over and over. No e-mail is
sent. Troubleshooting these types of issues is covered in Phases 2 and 3.
Preliminary Notes
-----------------
- Exchange Server computers connecting through the Dynamic RAS Connector should
not have LAN connectivity to each other, as this confuses name resolution. If
a prior LAN connection was established, the servers need to be rebooted to
flush any cached connectivity information.
- Windows NT and Exchange Server should also be at the latest service pack
levels.
- To successfully connect two Exchange Server computers together dynamically
through RAS, both servers must have the TCP/IP protocol installed and must be
properly configured.
Phase 1 - Initial Troubleshooting
---------------------------------
1. Walk through the step by step "Dynamic RAS Connector" white paper found at
the following location, and double-check everything in the order it is
listed. Look for missed steps, typographical errors, and so on.
http://support.microsoft.com/support/exchange/content/whitepapers/whitepapers.asp
2. Remotely access the other server directly using either the Dial-up Networking
or RAS clients. In other words, if Exchange Server is not even in the
picture, is there basic RAS functionality?
If not, you need to review your RAS and Windows NT configuration. If the modem
is dialing but having trouble connecting to the other modem, you may want to
turn up Point-to-Point Protocol (PPP) logging. You can enable the Ppp.log
file by setting the following registry entry to a value of 1:
WARNING: If you use Registry Editor incorrectly, you may cause serious problems
that may require you to reinstall your operating system. Microsoft cannot
guarantee that you can solve problems that result from using Registry Editor
incorrectly. Use Registry Editor at your own risk.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan \PPP\Logging
3. Check the RemoteListen parameter setting under
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\NetbiosGateway.
It should be set to 2. A value of 0 or 1 indicates that something unusual such
as removing and reinstalling the RAS server has taken place after the
Exchange Server RAS Message Transport Agent (MTA) Transport stack was added.
You can try just resetting the value to 2, but given the unknowns in this
situation, you may need to remove and reinstall the Exchange Server RAS
Connector and the RAS MTA Transport stack as well.
4. If you attempt to send a message but quickly get a non-delivery report (NDR)
without the server even attempting to dial, you likely have an addressing
problem on the local server. Double-check the exact spelling of all fields in
your custom recipient and on the connector's Connected Sites tab (also verify
any addresses on the Address Space tab if they exist).
5. If your server does connect to the other server but you get an NDR, you need
to carefully read the NDR to determine if it originated from your server or
the other server.
If it came from the other server, the specific recipient you are sending to
may not exist on the other server or there may be a spelling or typographical
error on your custom recipient entry.
If it came from your own server, it may be a result of too many failed
connection attempts or deleting the message from the queue through the
Exchange Server Administrator program. If so, just queue up a new test
message.
Phase 2 - Troubleshooting Network Functionality over RAS
--------------------------------------------------------
1. Connect from Server1 to Server2 using the same phone book entry the RAS
Connector uses.
Be sure to use the same account and password used on the RAS Override page to
connect.
NOTE: If you first log on to both servers as the RASCON account, you do not
have to specify the security context in step 4. You can also use the Run with
Security option while testing RPC in step 8.
To log on as RASCON, you may first have to give the account permissions to log
on locally in User Manager for Domains. To do so, on the Policies menu, click
User Rights, and make the appropriate changes.
2. Note the IP addresses Server2 supplied to Server1 for use during the
connection.
If Server2 (the one receiving the call and assigning the IP addresses from its
static pool), only has one modem and has only two addresses in its pool, the
IP address assigned to Server1 for this connection is the second address in
Server2's pool. If Server2 has more than one modem or more than two addresses
in its pool, you need to verify the address assigned.
Windows NT 4.0
From Server1 (the server which dialed the phone), double-click the Dial-Up
Network Monitor icon on the right side (or bottom) of the taskbar. After the
Dial-Up Networking Monitor is displayed, click the Details button from either
the Status or Summary tabs. The IP address displayed is the one Server2 (the
dialed server) assigned to Server1 (the dialing server) from its static IP
address pool for this connection.
Windows NT 3.51
From Server1 (the server which dialed the phone), bring up the Remote Access
client and click the Status button on the top right. The IP address displayed
near the bottom of the Port Status window is the one Server2 (the dialed
server) assigned to Server1 (the dialing server) from its static IP address
pool for this connection.
3. Ping IP addresses in both directions over the RAS connection.
a. From Server1 (the server which dialed the phone), ping the first IP
address in Server2's Pool.
b. From Server1, ping Server2's Network Card IP address.
c. From Server1, ping Server2 by its server name.
d. From Server2, ping the IP address assigned to Server1 for this connection
(from Server2's pool).
Pinging Server1's Network Card IP or host name does not work from the RAS server
to client.
From our three-server example (see the step-by-step Dynamic RAS Connector
checklist), if Seattle called Portland, you would perform the following pings:
From Seattle
- ping 172.16.0.0
- ping 192.168.0.0
- ping PORTLAND
From Portland
- ping 172.16.0.2
4. Perform a net use command from Server1 to connect to IPC on Server2. This
establishes the proper security context to the other server's domain:
net use \\server2\ipc$ /user:domain2\rascon password
In our three-server example, if Seattle (Server1) is connecting to Portland
(Server2), the command issued on the Seattle server is as follows:
net use \\portland\ipc$ /user:oregon\rascon ras
Be sure to allow the command to finish successfully or to give a specific
error message.
If there is any failure at this point, carefully check your command-line
syntax, server name, domain name, RAS connector account name, and password
(including case). Then check the security information for the RAS connector
account on the other domain.
5. Perform a net use command in the other direction (from Server2 to Server1)
using the IP address that was assigned from the Server2's pool (see step 2
for details).
NOTE: This only works if Server2 is using Windows NT 4.0. The Windows NT 3.51
object manager doesn't support device lookup by IP address. If Server2 is
using Windows NT 3.51, skip this step.
In our three-server example, if Seattle (Server1) is connecting to Portland
(Server2), the command issued on the Portland server is as follows:
net use \\172.16.0.2\ipc$ /user:washington\rascon ras
Be sure to allow the command to compete successfully or to give a specific
error message.
If there is any failure at this point, carefully check your command-line
syntax, IP address, domain name, RAS connector account name, and password
(including case). Then check the security information for the RAS connector
account on the other domain.
6. Perform a net view command from Server1 to view the shares on Server2:
net view server2
When Server1 initiates the RAS call, the IP addresses are supplied by Server2.
Server1 should have an entry in its LMHOSTS file that allows it to resolve
Server2's name to an IP address so the standard net view servername command
works.
In our three-server example, if Seattle (Server1) is connecting to Portland
(Server2), the command issued on the Seattle server is as follows:
net view portland
If name resolution is working, you should see a list of the shares on the
other server.
7. Perform a net view command in the other direction (from Server2 to Server1)
using the IP address that was assigned from the Server2's pool (see step 2
for details).
NOTE: This only works if Server2 is using Windows NT 4.0. The Windows NT 3.51
object manager doesn't support device lookup by IP address. If Server2 is
using Windows NT 3.51, skip this step.
Server1 is acting in the role of a RAS client and not a RAS server in this
case so the LMHOSTS entry Server2 has for Server1 will not work in this
situation. That entry is based on an IP address from the RAS pool on Server1,
which is not used when Server1 is in the role of a client. As a result, a net
view servername command will not work. However, in Windows NT 4.0, you can
still test functionality by net viewing the IP address directly.
In our three-server example, if Seattle (Server1) is connecting to Portland
(Server2), the command issued on the Portland server is as follows:
net view 172.16.0.2
If name resolution is working, you should see a list of the shares on the
other server.
NOTE: The second net view and net use above more closely mimic what happens
when the MTA over RAS attempts a Bindback (the most common potential problem
area).
8. Perform RPCPing tests in both directions over the established connection. Be
sure to configure the client half to use the TCP/IP Protocol Sequence. If you
have logged on to both servers as the RASCON account (as suggested in step
1), you should also click to select the Run with Security check box. If your
test fails with Security checked, then try again without it.
a. Run Rpingc32.exe on Server1 and Rpings.exe on Server2, and ping Server2 by
name.
b. Run Rpings.exe on Server1 and Rpingc32.exe on Server2, and ping Server1 by
IP.
The RPC Ping client should report successful pings, or there may be a problem
with RPC.
In our example with Seattle connecting to Portland:
- Seattle RPC pings Exchange Server: PORTLAND
- Portland RPC pings Exchange Server: 172.16.0.2
NOTE: RPC pinging by IP is only supported on Windows NT 4.0.
RPC Ping utility documentation can be found with the utility on the Exchange
Server CD.
9. Hang up the connection and then have Server2 connect to Server1 using the
same phone book entry the RAS Connector is set to use.
10. Repeat steps 2 through 8 over the new connection.
Problems with this phase over connections in either direction indicate
underlying Windows NT problems that need to be corrected before you continue
with the Exchange Server Dynamic RAS Connector configuration.
Phase 3 - Intermediate Troubleshooting
--------------------------------------
1. If no problems were uncovered in Phase 2, increase the logging on the
Exchange Server MTAs on both servers for the X.400 Services and Field
Engineering categories to Maximum. Then log another failed connection.
2. Check the system logs on both servers for any reported RAS errors and the
application logs on both servers for any Exchange Server errors. Be sure to
check the details of any Exchange Server errors for embedded Windows NT or
RAS errors. The MSExchangeMTA 9311 Field Engineering event in particular
often contains useful embedded RAS errors.
For example, here is a 9311 from the application log:
MSExchangeMTA Field Engineering Warning 9311
A RAS communications error has occurred for gateway
/o=MS/ou=PSS/cn=Configuration/cn=Connections/cn=DR. RAS error
code returned: 718, RAS Table index: 0. The MTA will attempt to
recover the RAS connection. [BASE IL PIPE RAS 35 230] (12)
Notice the RAS error code embedded above. It is documented in the Rasphone.hlp
Help file. To find the RAS error messages open the file, and on the Find tab,
search for "Error Messages."
In this case, the Help file points out that the RAS 718 error is a PPP
Time-out. It further describes a 718 error as follows:
A PPP conversation was started, but was terminated because the remote
computer did not respond within an appropriate time. This can be caused by
poor line quality or by a problem at the server.
Embedded RAS codes along with the error messages in the RAS Help can be one of
the more useful tools in identifying initial problems.
If an Event ID 9316 is encountered, double-check the Remote Server Name field
on the RAS Connector's General page (including case), and re-verify the
information on the RAS Override page.
MSExchangeMTA Interface Warning 9316
An RPC communications error occurred. No data was sent over the
RPC connection. Locality table (LTAB) index: <x>. Windows NT
error: 9301.The MTA will attempt to recover the RPC connection.
[BASE IL PIPE RAS xxxxx] (12)
3. Check to see that both modems are on the Hardware Compatibility List and have
modem scripts that are included with Windows NT or are the most recent
scripts from the modem manufacturer.
4. If the modem is a higher speed modem, try using the generic Hayes compatible
9600 script instead.
Phase 4 - Preparing to Escalate to Microsoft Product Support Services (PSS)
---------------------------------------------------------------------------
1. Clear the application and system logs.
2. Start a Network Monitor trace. (Note 1)
3. Send a test message (while X.400 Service and Field Engineering are still
logging at Maximum).
4. Collect the following seven files (preferably zipped into one file), and
contact PSS:
- Server 1 application log
- Server 1 system log
- Server 2 application log
- Server 2 system log
- Network Monitor *.cap Trace of the RAS attempt (Note 1)
- Admindmp.txt file for the RAS Connector object on Server 1 (Note 2)
- Admindmp.txt file for the RAS Connector object on Server 2 (Note 2)
Note 1: If you have not used Network Monitor to capture a trace over RAS before:
1. Locate Network Monitor (this can be from Systems Management Server CDs or a
dated copy direct from PSS).
2. Run the Setup program to install Network Monitor on one of the Exchange
Server computers.
3. Start Network Monitor, and on the Capture menu, click Networks.
4. Select the network with the Current Address beginning with 5241 or 000000,
and click OK.
5. On the Capture menu, click Start.
6. Perform a RAS connector test (you should see activity in Network Monitor at
this point).
7. On the Capture menu, click Stop.
8. Save a *.cap file by clicking Save As on the File menu.
Note 2: If you have not performed an Administrator Dump on an object before:
WARNING: Using the raw mode of the Exchange Server Administrator program (admin
/r) incorrectly can cause serious problems that may require you to reinstall
Microsoft Windows NT Server and/or Microsoft Exchange Server. Microsoft cannot
guarantee that problems resulting from the incorrect use of raw mode can be
solved. Use raw mode at your own risk.
1. Start the Microsoft Exchange Server Administrator program in raw mode by
typing the following at a command prompt:
"c:\exchsrvr\bin\admin /r" (without the quotation marks)
2. If an Admindmp.txt file already exists in the C:\Exchsrvr\Bin\ folder, delete
or rename it.
3. Select the object you want to dump the raw properties from (in this case the
RAS Connector object).
4. Press and hold down the CTRL key.
5. On the File menu, click Raw Properties.
6. Release the CTRL key after the raw properties are displayed.
7. Cancel out of the raw properties.
8. Rename the newly created Admindmp.txt file to match the object it was dumped
from (each new dump recreates or appends to any existing Admindmp.txt file).
9. Quit raw mode.
Additional query words: DRAS
======================================================================
Keywords : exc4 exc5 exc55
Technology : kbExchangeSearch kbExchange500 kbExchange550 kbExchange400 kbZNotKeyword2
Version : winnt:4.0,5.0,5.5
Issue type : kbhowto
=============================================================================
THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.
Copyright Microsoft Corporation 1986-2002.