1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

IPSEC blocks Network traffic?

Discussion in 'Windows XP' started by Romulus, Jan 26, 2005.

Thread Status:
Not open for further replies.
  1. Romulus

    Romulus Thread Starter

    Joined:
    Aug 1, 2003
    Messages:
    107
    Okay, let's see if this can be solved.

    I've got a Windows 2003 Enterprise Server.
    The server has IIS6 configured and I'm using Trend Micro Server Protect.
    Unfortunately I haven't been able to find a proper firewall yet so this computer is pretty much "unprotected".

    What happened is that while I was updating an asp file I suddenly felt how the computer was going slower and slower.
    I tried accessing the homepage from another computer but it didn't seem to get a connection to the computer.
    A ping confirmed that the connection to the server was down.

    I tried to look at the services on the server and when I shut down the IPSEC service the network connection went up again.

    I looked at Task Manager and found that some services were using lots of CPU resources.
    wmiprvse.exe, wins.exe, cidaemon.exe and cisvc.exe are some services with strange behaviour.

    I tried to End the processes but they restarted all the time and I had to Disable the services to get a moment of peace.

    I've tried to visit Trend Micros, Symantecs, Pandas, RAVs and some other site to get an online scan. At that moment I didn't quite trust my own system.
    They didn't find anything.
    Despite that I made a manual search for suspicious files and entries in registry.
    I found entries by interbusca, F1 Organizer, TV Media and a couple of other files recognized as spyware (after a search on Google).

    I have not yet installed the Service Pack (is it still RC?) for W2003, but will try that very soon.

    Now.. The problem is that I'm running Exchange Server 2003 on this computer and has enabled SSL.
    The homepage works fine with all features, but when I'm trying to access the OWA it says Service Unavailable.
    Checking the Services tells me that the Exchange services are down.

    Are the services depending on IPSEC to be enabled?
    I was thinking this may be possible because IPSEC encrypts the traffic and I've activated SSL for the email, but I kind of need a second opinion on this problem.

    My Computer (Please, don't laugh):
    PII 800 MHz
    390 Mb RAM
    HDD 30Gb+120 Gb+200 Gb
    Windows 2003 Enterprise Server (DNS, DHCP, IIS6+FTP, AD) acts as a PDC.
    Exchange Server 2003
    Trend Micro Server Protect 5,58
    Trend Micro Scanmail

    Unfortunately I lack of resources in hardware and money and uses the same computer for lots of purposes. I've got lots of other applications on this server, such as Macromedia MX Suite, Nero Burning ROM, Plextools, MS Office 2003, IRC Server, Printer Server..
    I used to be running SQL Server 2000, but that one is now uninstalled since I activated SSL. Couldn't make them cooperate and have the Agent service running.

    Well, I believe I've got everything now.
    What I need is to have IPSEC running again and get the Exchange services up as without losing network connection.
    I also have some mailboxes on this server that I don't want to lose.
    Does someone have a guess on what's going on or maybe some advise on how to continue my troubleshooting?
     
  2. Romulus

    Romulus Thread Starter

    Joined:
    Aug 1, 2003
    Messages:
    107
    Got some additional information..

    Active Directory can't start, which explains Exchange Server. But Q is not why AD doesn't want to start..?

    I've got an Antivirus Server on network with an NT4 Server installed as Stand Alone.
    Delegated Trust for it to W2003 Server.
    Remember a while ago when W2003 Server complained about another server on network trying to act as a Master Browser.. Wonder if it's the NT4?
    Could this be the reason why AD wont start?

    Also.. Made a scan with OfficeScan installed (Never thought it would work installing it on W2003 E. Server).
    So far it has found 15 viruses on that server. I'm glad I'm stubborn and followed my instincts.

    Anyone have some guess to help me out on this issue?
    Maybe some suggestion on how to continue my troubleshooting?
     
  3. Romulus

    Romulus Thread Starter

    Joined:
    Aug 1, 2003
    Messages:
    107
    I believe I've found the error... Pretty silly that I didn't notice it earlier btw.
    The problem is that the DNS is totally blank. No record exist anymore.
    Don't know what happened to everything or why, but it's like I've never configured it.

    Is there an expert at AD? In that case, I'll need help with some questions.
    All the accounts are still there. All permissions still exists.
    The accounts are created by the Exchange 2003 version of "Active Directory Users and Computers" and approximatly 70 accounts has mailboxes.
    • Is there a way to "reactivate" the DNS, with all the records (without losing the accounts and permissions, incl. mailboxes)?
    • Will I need to restore the AD/DNS in some kind of Directory Services Restore Mode?
    • Will the accounts/profiles/mailboxes get damaged if I'll just recreate the DNS records and then restart the AD (by just adding all records from start)? (Is that possible?)
    • Is it possible to search for or import the DNS records? (A log or database with configuration saved?)

    The DNS Service is running and the homepage still works fine. It's also possible to login to homepage, but it's not possible to access OWA or mail account at all.

    Thanks in advance.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/323534

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice