Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
simondeutsch
Aged Yak Warrior
547 Posts |
 Posted - 2005-12-07 : 22:41:17
|
| A client has two locations, each with a separate LAN, that are connected via ADSL, with SonicWall on both sides, to form a VPN. Both sides have a server/domain running Windows Server 2003 with some shares.The workstations in Location A need to access the shares in Location B using a custom application. Sometimes the connection to the shares seems to break, and the application cannot read the files on the share. If you double-click the share in My Network Places, it'll open and then the application can access the files there. After that, the shares on the LAN seem to become "disconnected"...Sarah Berger MCSD |
|
|
eyechart
Master Smack Fu Yak Hacker
3575 Posts |
Posted - 2005-12-07 : 22:59:21
|
quote:
Originally posted by simondeutsch
A client has two locations, each with a separate LAN, that are connected via ADSL, with SonicWall on both sides, to form a VPN. Both sides have a server/domain running Windows Server 2003 with some shares.The workstations in Location A need to access the shares in Location B using a custom application. Sometimes the connection to the shares seems to break, and the application cannot read the files on the share. If you double-click the share in My Network Places, it'll open and then the application can access the files there. After that, the shares on the LAN seem to become "disconnected"...Sarah Berger MCSD
ok, what is the question?Keep in mind this is a SQL Server forum. If you go delving into network stuff we may or may not be able to help out.-ec |
 |
|
|
simondeutsch
Aged Yak Warrior
547 Posts |
Posted - 2005-12-07 : 23:38:37
|
SQL Server happens notto be the problem here, even though it's running on both servers...The good people here just happen to have a lot of networking and programming knowledge too  The question is, why isn't the connection to the shares always open? And why does connecting to a remote share via VPN disconnect the LAN shares?Sarah Berger MCSD |
|
|
|
jhermiz
3564 Posts |
Posted - 2005-12-08 : 16:52:17
|
Maybe they are in use and become locked hence loosing connection?
Keeping the web experience alive -- [url]http://www.web-impulse.com[/url] |
|
|
|
Michael Valentine Jones
Yak DBA Kernel (pronounced Colonel)
7020 Posts |
Posted - 2005-12-08 : 18:57:13
|
| I can't think of anythig that could cause this, other than network connectivity issues, firewall issues, VPN issues, bandwidth issues, router issues, IP address resolution issues, domain trust issues, share permissions, directory permissions, file permissions, file locking issues, application problems, or network hardware problems.CODO ERGO SUM |
|
|
|
eyechart
Master Smack Fu Yak Hacker
3575 Posts |
Posted - 2005-12-08 : 20:34:15
|
quote:
Originally posted by simondeutsch
SQL Server happens notto be the problem here, even though it's running on both servers...The good people here just happen to have a lot of networking and programming knowledge too The question is, why isn't the connection to the shares always open? And why does connecting to a remote share via VPN disconnect the LAN shares?Sarah Berger MCSD
I'm guessing this is a problem with the Sonicwall appliance. I went to their website and looked through their KB and found this article:http://www.nohold.net/noHoldCust22/Prod_1/KnowledgePortal/KPscripts/ArticleViewer.asp?docid=2826416e5ee947219a52a6f86546dcc7_site_to_site_vpn_troubleshooting_Guide.pdfHere is the first paragraph.quote:
<SNIP>Problem #1: All of the applications I’m running across the VPN tunnel keep dropping,or the VPN tunnel itself is dropping…I’m not sure which.Possible solution: This issue is seen mostly with SonicOS Enhanced; it’s not actually the VPN tunnel dropping, butrather the default TCP lifetime for the tunnel is set too low. On most SonicWALLs, its set for 5 minutes by default, whichusually is not enough time for some applications and will disconnect a connection it sees as an open TCP connection (i.e.your applications) as inactive. Unlike SonicOS Enhanced, Firmware 6.x and SonicOS Standard do not run VPN trafficthrough NAT or the full stateful or deep packet inspection engines, and thus do not subject it to connection timeoutsunless the ‘Apply NAT and Firewall Rules’ option is enabled. To remedy this issue, adjust the lifetimes on both sides ofthe VPN tunnel...<SNIP>
EDIT:I broke that URL in half because it was so ridiculously long. You'll have to edit it back together in order to get to that PDF.-ec |
|
|
|
Sitka
Aged Yak Warrior
571 Posts |
Posted - 2005-12-16 : 18:41:51
|
Same domain or with trust relationships?Investigate or have Admins investigate just how well the AD is or isn't performing.True most of this stuff is black box and it's so bloody complicated I doubt anybody really knows it all but a dedicated tunnel through the firewalls between the domain controllers accompanied with a performance "analyis" so to speak is always part of domain maintenance. These kind of failures can be very frustrating so the more hands/knowledge the better. But the percursors to such failures often appear in the error log. With signatures like "sync failed" "polling...unavailable" etc. or even an right click ->properties on the share-security and if you see question marks ??? it can drop connectivity. Are the shares mapped, map them if they aren't. Sometimes the mapped share will become suspect and there will be a little question mark on the drive. Seems like you have a great lead via eyechart but as with anything network it's divide in two then divide each half in two again and so on. At the very least, to fight through it when the user calls "app dosen't run", build them a bat file that deletes the remaps the net use. Much like you have identified already. Ask them in a couple days how often they need to use it, (what if it happens at lunch all the time when differentials are run  ) at least they don't have the stress of calling all the time. And believe it or not if AD is the cause, over time often will seem to self heal. Usually by the evolution of the network as a whole. Gettin' rid of a shoddy switch or something."it's definitely useless and maybe harmful". |
|
|
|
|
|
|
|
|
Network shares on VPN