Enable Lan Routing Windows Server 2012

Hi!
I'm trying to setup the RRAS in a Windows server 2012 to route between my two networks. I have a windows server 2012 with two nics and the RRAS installed. I installed "Lan Routing" custom option.
My configuration is:
Server nic1 - 192.168.1.254 255.255.255.0 (no dfgateway)
Server nic2 - 192.168.103.54 255.255.255.0 (no dfgateway)
Clients subnet1 - 192.168.1.x 255.255.255.0 192.168.1.254
Clients subnet2- 192.168.103.x 255.255.255.0 192.168.103.54
The problem is that from a client of subnet1 i can ping 192.168.1.254 and 192.168.103.54 but i can't ping clients of subnet2, and backwards the same problem.
Thanks.

Your client machines need to know how to find the route to the other subnet.
1) So on a client on subnet 1, open a Command Prompt and type:
route add -p 192.168.103.0 mask 255.255.255.0 192.168.1.254
This adds a permanent route which tells the client to go to 192.168.1.254 to find network 192.168.103.0
2) On the clients on subnet2 you would type:
route add -p 192.168.1.0 mask 255.255.255.0 192.168.103.54
Make sure the clients have the appropriate server NIC address as their default gateway and DNS.
For example, for clients on subnet1:
IP: 192.168.1.x
Gateway: 192.168.1.254
DNS: 192.168.1.254
That is misleading at best. The original post is a straight forward example of subnet to subnet routing. No additional routes are required because the default routing is quite adequate. If you look at the addresses of the static routes you provide
you will see that they are the same as the default addresses already set (so they are redundant).
Ping is not a reliable test of connectivity any more. Built-in firewalls will block it by default. You will need to temporarily disable the firewalls of the clients to test with ping (unless you enable ICMP echo in both directions on all clients).
Bill

Similar Messages

Windows Server 2012 Logical Disk Free Space (%) Low

I enabled the monitor "Windows Server 2012 Logical Disk Free Space (%) Low" and configured a low threshold to test. I started to get a bunch of warnings from servers, for example:
The disk \\?\Volume{ee0222ed-16de-40a5-af89-f95db3fdf5a4} on computer PC is running out of disk space. The value that exceeded the threshold is 11% free space.
Now I checked on the server, and all the disks have more than 11% free space. Additionally, I don't see any disks with such a name/guid.
When looking at the additional knowledge of the monitor, I see that it is using the following information:
Object Name: Logical Disk
Counter Name: PercentFree
My question is where is this disk coming from, and how can I avoid these disks from creating false alarms? When looking in the Windows Server
From my analyzing the DB, I see that these are the partitions on the server without a volume letter. Any way to avoid getting these discovered and/or alerts, without overriding each one?

Hi,
These "strange" disks are called mount points.
They get discovered by the "Mount Point Discovery Rule".
Go to your authoring => rules => search for the rule above and disable it.
If you want to remove all the instances in your environment you need to use Remove-SCOMDisabledClassInstance
powershell cmdlet.
More info on the cmdlet can be found here: http://technet.microsoft.com/en-us/library/hh920257%28v=sc.20%29.aspx
If you have any more questions please do not hesitate to ask
It's doing common things uncommonly well that brings succes. Check out my SCOM link blog:
SCOM link blog

RRAS - Server 2012 Core - How to enable 'LAN Routing'

Hi,
how can i enable 'LAN Routing' on a Server core with RRAS Role installed via command line?
In GUI it's just 'Enable' -> Custom -> LAN-Routing. How can i do the same via command line (powershell or cmd)?
Thank you!

Ok, solved it myself. (Don't know why i always solve a Problem as soon as i make a post in Forums ;D)
Set-NetIPInterface -Forwarding Enabled
so for enable Forwarding on all Adapters:
Get-NetAdapter | Set-NetIPInterface -Forwarding Enabled

Why does my Cisco router firewall block Windows Server 2012 traffic, but not Windows Server 2008 traffic?

Hello,
   I run a small business network with five physical servers: three Dell servers running Windows Server 2008 R2, one custom build running 2008, and another custom build running 2012 with Domain Controller Role (same hardware for both custom builds).
The Dell servers are all running the Hyper-V role and each has a number of 2008 VMs. I also have a 2012 VM with the Domain Controller Role on one of the Hyper-V servers and another VM with a completely base install of 2012.
   All servers are plugged into a Cisco SG300-52 switch which is uplinked to a Cisco 881 router which is connected to a cable TWC provided Ubee cable modem. I have no VLANs setup. I do have the Firewall on the router configured
to inspect most traffic.
   Here is my problem: I cannot connect to most of the internet on ANY 2012 server (and all exhibit the exact same behavior), but I have NO problems connecting to the internet from 2008 servers. Here is what I already know:
   1.) I can ping the outside world just fine so ICMP is passing to any external host.
   2.) Two of the 2012 servers are DCs running DNS services and they can connect to the internet just fine for DNS requests because they are doing a perfectly good job of providing DNS services to my network.
   3.) Here's where it gets really weird: I can browse in internet explorer to Bing.com and it works. I can also go to a couple other Microsoft websites (though they are very slow). If I click on any link in Bing, however, it doesn't
work and gives me a page not available error. If I connect to a non-MS website like Google or my company website, I get page not available.
    4.) I have tried to telnet to port 80 at Bing and it works. I have tried to telnet to port 80 at google.com and it won't connect. The 2008 servers have no issue telneting to either bing or google on port 80 and none of my client
PCs on the network do either.
    5.) Windows Update will not connect and neither will any other update service such as AVG (I have AVG Antivirus installed WITHOUT firewall on two of the three servers. The base 2012 VM has no software installed and no roles...I built it
just to see if it could connect after a fresh install and it still cannot.)
    6.) The network connection does not indicate limited connectivity (probably because ICMP appears to be passing successfully)
     7.) If I connect the server directly to the modem it has full internet access.
     8.) All internal LAN connectivity is perfectly fine and runs at full speed.
     9.) I have scoured the internet trying to find other examples of this particular kind of connectivity issue on 2012 and I have found two TechNet articles that are similar, but they both had the same resolution: changing the router
worked, but no one knows why. (I would have included the links, but apparently I cannot do that yet)
My question is this: What is different about Windows Server 2012 networking that would render it unable to communicate through a router that Windows Server 2008 has no problems with? I ask because, unlike in these two articles where they were
running personal networking equipment they could easily upgrade, I'm running a Cisco 881 with what should be virtually limitless configuration options and I have no desire to replace it. I have to assume the issue is somehow related to the firewall configuration,
which I could fix easily, but I don't know what to change. If anyone knows what changed in 2012 and why I would be able to browse to bing and other MS sites but no where else, please pass them along. Thanks.

This is the IP Config for the 2012 DC:
Windows IP Configuration
   Host Name . . . . . . . . . . . . : COMPANYDC02
   Primary Dns Suffix . . . . . . . : company.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : company.local
Ethernet adapter Ethernet:
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connection
   Physical Address. . . . . . . . . : 00-25-90-DC-EF-D5
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::81d5:53cf:bd07:14ed%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.10.10.202(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.10.10.1
   DHCPv6 IAID . . . . . . . . . . . : 301999504
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-96-D5-C3-00-25-90-DC-EF-D5
   DNS Servers . . . . . . . . . . . : 10.10.10.202
                                       10.10.10.221
   NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{9929D989-8E88-4096-A1CB-61F1DB173FA3}:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
This is the IP Config for the fresh install 2012 VM:
Windows IP Configuration
   Host Name . . . . . . . . . . . . : WIN-800299O7ES6
   Primary Dns Suffix . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : company.local
Ethernet adapter Ethernet:
   Connection-specific DNS Suffix . : company.local
   Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter
   Physical Address. . . . . . . . . : 00-15-5D-0A-5C-02
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.10.10.49(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, August 23, 2014 10:23:01 PM
   Lease Expires . . . . . . . . . . : Wednesday, August 27, 2014 10:23:01 PM
   Default Gateway . . . . . . . . . : 10.10.10.1
   DHCP Server . . . . . . . . . . . : 10.10.10.1
   DNS Servers . . . . . . . . . . . : 10.10.10.220
                                       10.10.10.221
   NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.company.local:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . : company.local
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
NOTE: 10.10.10.220 and 10.10.10.221 are the other domain controllers on my network. One of them is 2012 and one of them is 2008. They are both functioning correctly for providing DNS services. The 2012 Virtual DC, however, still has
the internet connectivity issue that this whole post was about in the first place.
NOTE2: When I logged on to COMPANYDC02 this morning, it told me that I had new Windows Updates that needed to be downloaded.   Confused, I checked the most recent time WU had checked for updates at it had successfully checked for updates last night
at 10pm. Of course, it failed when trying to download them, but it appears that once in a while, a connection gets through successfully...

Enabling network discovery on Windows Server 2012 R2

Good afternoon.
As per the title, I have set-up a new server at work. The server is running no problem but none of the other computers connected to the network can 'see' the new server. I've gone into the control panel and tried to turn on the network discovery, but it just
defaults back to 'off'.
I did so a search on here first before troubling anyone and I did find this answer :
Thanks for the post.
I did some research and found this issue may occur if the dependency services are disabled. Please make sure the following services are enabled and running.
- SSDP Discovery
- UPnP Device Host
Disabling Network Discovery/Network Resources"
That may well be the answer, but unfortunately that means absolutely nothing to me.
Is someone able to help me try and switch this on, but by offering an explanation an 'idiot' would understand.
Thanks in advance.

Hi,
This issue occurs for one of the following reasons:
•The dependency services for Network Discovery are not running.
•The Windows firewall or other firewalls do not allow Network Discovery.
To resolve the issue, follow these steps:
1.Make sure that the following dependency services are started:
DNS Client
Function Discovery Resource Publication
SSDP Discovery
UPnP Device Host
2.Configure the Windows firewall to allow Network Discovery. To do this, follow these steps:
Open Control Panel, click System and Security, and then click Windows Firewall.
In the left pane, click Allow an app or feature through Windows Firewall if you are running Windows Server 2012. Or, click Allow a program or feature through Windows Firewall if you are running Windows Server 2008 or Windows Server 2008 R2.
Click Change settings. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
Select Network discovery, and then click OK.
3.Configure other firewalls in the network to allow Network Discovery.
4.Turn on Network Discovery in Network and Sharing Center
Quote from http://support.microsoft.com/kb/2722035
Steven Lee
TechNet Community Support

0x8056530b error enabling disk deduplication on Windows Server 2012 R2 Volume - any ideas why or how to fix?

I'm getting the following error when trying to enable disk de-duplication on a volume on my Windows 2012 R2 file server. The error is:
"There was an error updating Data Deduplication on volume: MSFT_DedupVolume.Volume='\\?\Volume{8dfc4322-9997-11e3-93f5-005056a84b9b}\' - HRESULT 0x8056530b, The specified volume type is not supported. Deduplication is supported on fixed, write-enabled
NTFS data volumes and CSV backed by NTFS data volumes."
The volume in question is a 1TB VMFS volume mounted to the virtual machine that is the Windows file server. I could find no info anywhere that references this error as it relates to a standard mounted volume or VMware or VMFS.
Any ideas on what could be the problem or how to fix it? I could find nothing in the log files other than an entry which is basically a repeat of the error above.
Any help would be greatly appreciated.
- ADEHART
P.S. This is a volume that was previously mounted on an older Windows 2003 server. Not sure if that may make a difference.

have you compared this issue to the ones that are successful and compared what is different?
Have you made sure of the following:
Servers
See the following list for server requirements for deduplication:
• Server hardware should meet the minimum requirements for running Windows Server 2012. The deduplication feature was designed to support minimal configurations such as a single processor system with 4 GB of RAM and one SATA hard disk drive.
• If you plan to support deduplication on multiple volumes on the same server, you need to plan an appropriately size for the system to ensure that it can process the data. The general rule is that the server needs 1 CPU-core and 350 MB of free memory to run a deduplication job on a single volume, and that job can process about 100 GB per hour or around 2 TB per day. Deduplication scales with additional CPU core processors and available memory to enable parallel processing of multiple volumes.
For example: If you have a server with 16 CPU core processors and 16 GB of memory, deduplication uses 25% of the system memory in the default Background Processing mode, and in this case, that would be 4 GB. If you divide by 350 MB, you can calculate that the server could process about 11 volumes at a time. If you add 8 GB of memory, the system could process 17 volumes at a time. If you set an optimization job to run in Throughput mode, the system will use up to 50% of the system’s memory for the optimization job.
• Data Deduplication supports up to 90 volumes at a time; however, deduplication can simultaneously process one volume per physical CPU core processor plus one. Hyper-threading does not impact this because only physical core processors can be used to process a volume. A system with 16 CPU core processors and 90 volumes will process 17 volumes at a time until all 90 volumes are done, if there is sufficient memory.
• Virtual server instances should follow the same guidance as physical hardware regarding server resources.
Volumes
Volumes that are candidates for deduplication must conform to the following requirements:
• Must not be a system or boot volume. Deduplication is not supported on operating system volumes.
• Can be partitioned as a master boot record (MBR) or a GUID Partition Table (GPT), and must be formatted using the NTFS file system.
• Can reside on shared storage, such as storage that uses a Fibre Channel or an SAS array, or when an iSCSI SAN and Windows Failover Clustering is fully supported.
• Do not rely on Cluster Shared Volumes (CSVs). You can access data if a deduplication-enabled volume is converted to a CSV, but you cannot continue to process files for deduplication.
• Do not rely on the Microsoft Resilient File System (ReFS).
• Can’t be larger than 64 TB in size.
• Must be exposed to the operating system as non-removable drives. Remotely-mapped drives are not supported.
Note
Files with extended attributes, encrypted files, files smaller than 32 KB, and reparse point files are not processed by deduplication.

LAN side firewall settings for Direct Access (Windows Server 2012 R2) in DMZ?

I am currently planning to set up our first Direct Access server (Windows Server 2012 R2). I will be in our firewall DMZ and we will be using the IP-HTTPS listener.
For the Internet facing rule only TCP 443 inbound/outbound is sufficient but for the LAN facing rules (not talking about the Windows server firewall) what would be the recommended firewall rules for a Direct Access server? Is there a best practice guideline
to follow for this? Appreciate any advice or comments. Thank you.

Hi Barkley
Please see this Technet Link which will backup your requirements - https://technet.microsoft.com/en-gb/library/jj574101.aspx
Section Reads -
When using additional firewalls, apply the following internal network firewall exceptions for Remote Access traffic:
ISATAP—Protocol 41 inbound and outbound
TCP/UDP for all IPv4/IPv6 traffic
Also another link from http://www.ironnetworks.com/blog/directaccess-network-deployment-scenarios#.VO3tfvmsVrU
"I have had a number of conversations with security administrators and network architects who have expressed a desire to place the DirectAccess server between two firewalls (firewall sandwich) in order to explicitly control access from the DirectAccess
server to the internal corporate network. While at first this may sound like a sensible solution, it is often quite problematic and, in my opinion, does little to improve the overall security of the solution. Restricting network access from the DirectAccess
server to the internal LAN requires so many ports to be opened on the inside firewall that the benefit of having the firewall is greatly diminished. Placing the DirectAccess server’s internal network interface on the LAN unrestricted is the best configuration
in terms of supportability and provides the best user experience."
Kindest Regards
John Davies
Thank for your reply and information John. I find it somewhat disappointing that Microsoft does not provide much more in the way of documentation and information regarding this topic. I required more information to show to our security team so they will allow
us to have the internal facing NIC not have more restrictive rules in place as it is a security concern.

Windows Server 2012 Fax Server - Route Incoming Fax By Number?

I don't think we can do this, but I am going to ask anyway. At one site we have a Windows Server 2012 running the built in fax service. It works just fine.
The customer has several unused 0845 numbers which are routed to a single landline for inbound fax, and would like to publish these 0845 numbers as fax numbers for different departments.
Each 0845 number will still terminate at the same landline for inbound fax and so we would like, if possible, to set inbound fax rules to route faxes to different email addresses depending upon the 0845 number to which they have been sent.
My guess is that we can't do it with the built in service, or can we? and even if we had a premium fax server we may not be able to do it.
The fax server is running an old skool USR serial modem.
Stuart

Hi ,
Thank you for posting your issue in the forum.
I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience.
Thank you for your understanding and support.
Best Regards,
Andy Qi
TechNet Subscriber Support
If you are
TechNet Subscription user and have any feedback on our support quality, please send your feedback
here.
Andy Qi
TechNet Community Support

Requirement to enable more than two concurrent RDP sessions on multiple Windows Server 2012

I have an existing Remote desktop licensing server, which has users CALs for server 2008. Now I have some windows server 2012 R2, where more than 2 concurrent RDP connections are required.
What I understand that I will need to install RDS server roes on all my Widows Server 2012 and I will need to have at least one RD licensing server to install RDS CALS, that’s all.
If it is correct, the questions is : Can I use my existing license server to add my newly purchased version 2012 RDS user CALs or I will need a new licensing server?
If it is not correct, then what else I need
I appreciate your detail step by step
Thanks

Thanks the for steps, provided,
So in short,
I will need a Windows 2012 Server to install RSD 2012 licencing server to setup my newly purchased X number of RDS 2012 user CALs.
As I just want more than 2 concurrent RDP connection to happen on some Windows 2012 server, I will require to select “Role-Based or feature-based installation and ONLY will enable Remote Desktop Licensing Role and Demote Desktop Session
Host.
I will need to add RD Licencing and add the server 2012 servers; I want more than 2 concurrent connections to happen.
I will need to enable RD Licensing mode as per user
Question:
1. What I need to enable on those servers, where I want concurrent RPD connection to happen
2. In which stage and where I will enable my users CALs, I purchased?
3. Do I have to install RD Session Host role service on the servers, where more than two RPD users will connect at the same time?
I am also in dark, how my user will connect those servers, with RDP connection or with RD Web Access.
All I want to do is to enable more then 2 concurrent connection to some Windows Server 2012 R2. I have already purchased some RDS 2012 R2 Users CAL

Windows Server 2012 enable memory Turbo boost

Hello guys.
I have a Sony Vaio VPC-F113FX notebook with Quad Core Intel i7 processor with 8GB of RAM.
It is installed a Windows Server 2012 Standard.
I bought an SD card of 64 GB and intended to use the Turbo Boost feature in memory, only this option is not displayed in the properties of the operating system memory card. Can you help me configure or enable this feature in Windows Server 2012.
Thanks
Obrigado por contactar o fórum Microsoft Technet!

Hi Hezequias,
Thanks for posting.The Turbo Boost feature is just provide by Intel can cab be obly used on the Intel i5 and Intel i7.
As you mentioned that you used a 64GB SD card and intended to use the Turbo Boost feature, so I guess you might talked about the Ready Boost.
Ready Boost is a feature provide by Microsoft, Ready Boost is a disk caching software component which allows any compatible mass storage device to be used as a hard-drive memory cache for the purpose of increasing random read access
speed to the hard drive. Potentially compatible ReadyBoost devices include USB flash drives, flash memory,solid-state drivers(SSDs), and SD cards. There is a limitation of 32 GB per ReadyBoost device.
However the Ready Boot feature was just supported by the Microsoft Clients(such as windows 7) but not the server edition.
So the feature can't be used on windows server 2012 standard operation system.
Hope it helps.
If you have any concerns, feel free to post back.
Best Regards,
Elaine
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

Clean Installation of Windows Server 2012 R2 cannot access internet

I just installed a clean Windows Server 2012 R2 Data Center and all drivers installed with no issue. I used Ethernet connection to access internet via IE (let say google.com) but failed. Clicked "Fix connection problem" and returned "website
(www.google.com) is online but isn't responding to connections attempts." Therefore, I suspected Windows Firewall (WF) setting. I disabled WF, allow IE in WF, allow port 80 but all did not work in this case. I am able to ping google.com but it just does'n
work in browser (IE, Chrome, Firefox). The same cable connection I tried with Windows 8.1, 7 with no issue. Please advise is there any clue I miss up for Windows 2012 R2 Data Center?
Sean

C:\Users\Administrator>ipconfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : WIN-4O28FIG5HD5
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 30-85-A9-94-5B-62
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.13(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, June 6, 2014 11:46:30 PM
Lease Expires . . . . . . . . . . : Saturday, June 7, 2014 11:46:30 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled
C:\Users\Administrator>nslookup
Default Server: router.asus.com
Address: 192.168.1.1
> google.com
Server: router.asus.com
Address: 192.168.1.1
Non-authoritative answer:
Name: google.com
Addresses: 2404:6800:4001:801::1008
123.136.105.20
123.136.105.35
123.136.105.46
123.136.105.59
123.136.105.49
123.136.105.27
123.136.105.57
123.136.105.37
123.136.105.24
123.136.105.31
123.136.105.53
123.136.105.38
123.136.105.48
123.136.105.26
123.136.105.16
123.136.105.42
LAN settings in IE is set to Automatically detect settings, no proxy is selected.
Sean

ASA and RADUIS on Windows server 2012

hi i have ASA5505 i want to get the Authentication from Raduis Server using NPS on windows Server 2012 i test the Raduis Server over "Kerio Control VMware Virtual Appliance" its work Perfect for testing my Setting on Raduis but with the ASA5505 i get this message "Error authentication rejected aaa failure"
Running Config
: Saved
ASA Version 9.1(3)
hostname NazcoFW
domain-name default.domain.invalid
enable password XgEKS9WizHnI9IUJ encrypted
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
xlate per-session deny tcp any6 any4
xlate per-session deny tcp any6 any6
xlate per-session deny udp any4 any4 eq domain
xlate per-session deny udp any4 any6 eq domain
xlate per-session deny udp any6 any4 eq domain
xlate per-session deny udp any6 any6 eq domain
passwd XgEKS9WizHnI9IUJ encrypted
names
interface Ethernet0/0
switchport access vlan 22
interface Ethernet0/1
interface Ethernet0/2
switchport access vlan 12
interface Ethernet0/3
interface Ethernet0/4
shutdown
interface Ethernet0/5
shutdown
interface Ethernet0/6
shutdown
interface Ethernet0/7
switchport access vlan 32
shutdown
interface Vlan1
nameif NAZCO
security-level 100
ddns update hostname OSI
dhcp client update dns server both
ip address 172.16.200.1 255.255.255.0
interface Vlan12
nameif outside4
security-level 0
ip address 172.16.4.254 255.255.255.0
interface Vlan22
nameif Outside20
security-level 0
ip address 172.16.20.254 255.255.255.0
boot system disk0:/asa913-k8.bin
ftp mode passive
dns domain-lookup NAZCO
dns server-group DefaultDNS
name-server 10.1.1.1
name-server 10.1.2.1
domain-name default.domain.invalid
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network HP5220
host 10.10.10.105
object network ak20
host 10.10.10.110
object network hp5520
host 192.168.2.105
object network HP7000
host 192.168.2.106
object network HP5520
host 192.168.2.105
object network ak04
host 10.10.10.110
object network HP400
host 192.168.2.107
object network out04
range 192.168.2.200 192.168.2.220
object network AK04
host 10.10.10.110
object network oooo
subnet 10.10.10.0 255.255.255.0
object network 444
host 10.10.10.110
object network OSITOINT
subnet 10.10.10.0 255.255.255.0
object-group network OSItoOUT04
network-object object out04
access-list outside20_access_in extended permit icmp any4 any4
pager lines 24
logging enable
logging asdm-buffer-size 512
logging trap informational
logging asdm informational
logging host NAZCO 10.10.10.10 17/6161
logging debug-trace
logging permit-hostdown
mtu NAZCO 1500
mtu Outside20 1500
mtu outside4 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-721.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (NAZCO,outside4) source dynamic any interface dns
nat (NAZCO,Outside20) source dynamic any interface dns
route Outside20 0.0.0.0 0.0.0.0 172.16.20.1 1
route outside4 0.0.0.0 0.0.0.0 172.16.4.1 11
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server Keefa-Raduis protocol radius
aaa-server Keefa-Raduis (NAZCO) host 172.16.200.10
key *****
radius-common-pw *****
user-identity default-domain LOCAL
aaa authentication enable console LOCAL
aaa authentication http console LOCAL
aaa authentication serial console LOCAL
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
http server enable
http 0.0.0.0 0.0.0.0 NAZCO
snmp-server host NAZCO 10.10.10.196 community ***** version 2c
no snmp-server location
no snmp-server contact
snmp-server community *****
snmp-server enable traps snmp authentication linkup linkdown
snmp-server enable traps syslog
snmp-server enable traps ipsec start stop
snmp-server enable traps entity fru-insert
snmp-server enable traps remote-access session-threshold-exceeded
snmp-server enable traps connection-limit-reached
snmp-server enable traps cpu threshold rising
snmp-server enable traps ikev2 start stop
snmp-server enable traps nat packet-discard
crypto ipsec security-association pmtu-aging infinite
crypto ca trustpoint _SmartCallHome_ServerCA
crl configure
crypto ca trustpool policy
crypto ca certificate chain _SmartCallHome_ServerCA
certificate ca 6ecc7aa5a7032009b8cebcf4e952d491
308205ec 308204d4 a0030201 0202106e cc7aa5a7 032009b8 cebcf4e9 52d49130
0d06092a 864886f7 0d010105 05003081 ca310b30 09060355 04061302 55533117
30150603 55040a13 0e566572 69536967 6e2c2049 6e632e31 1f301d06 0355040b
13165665 72695369 676e2054 72757374 204e6574 776f726b 313a3038 06035504
0b133128 63292032 30303620 56657269 5369676e 2c20496e 632e202d 20466f72
20617574 686f7269 7a656420 75736520 6f6e6c79 31453043 06035504 03133c56
65726953 69676e20 436c6173 73203320 5075626c 69632050 72696d61 72792043
65727469 66696361 74696f6e 20417574 686f7269 7479202d 20473530 1e170d31
30303230 38303030 3030305a 170d3230 30323037 32333539 35395a30 81b5310b
30090603 55040613 02555331 17301506 0355040a 130e5665 72695369 676e2c20
496e632e 311f301d 06035504 0b131656 65726953 69676e20 54727573 74204e65
74776f72 6b313b30 39060355 040b1332 5465726d 73206f66 20757365 20617420
68747470 733a2f2f 7777772e 76657269 7369676e 2e636f6d 2f727061 20286329
3130312f 302d0603 55040313 26566572 69536967 6e20436c 61737320 33205365
63757265 20536572 76657220 4341202d 20473330 82012230 0d06092a 864886f7
0d010101 05000382 010f0030 82010a02 82010100 b187841f c20c45f5 bcab2597
a7ada23e 9cbaf6c1 39b88bca c2ac56c6 e5bb658e 444f4dce 6fed094a d4af4e10
9c688b2e 957b899b 13cae234 34c1f35b f3497b62 83488174 d188786c 0253f9bc
7f432657 5833833b 330a17b0 d04e9124 ad867d64 12dc744a 34a11d0a ea961d0b
15fca34b 3bce6388 d0f82d0c 948610ca b69a3dca eb379c00 48358629 5078e845
63cd1941 4ff595ec 7b98d4c4 71b350be 28b38fa0 b9539cf5 ca2c23a9 fd1406e8
18b49ae8 3c6e81fd e4cd3536 b351d369 ec12ba56 6e6f9b57 c58b14e7 0ec79ced
4a546ac9 4dc5bf11 b1ae1c67 81cb4455 33997f24 9b3f5345 7f861af3 3cfa6d7f
81f5b84a d3f58537 1cb5a6d0 09e4187b 384efa0f 02030100 01a38201 df308201
db303406 082b0601 05050701 01042830 26302406 082b0601 05050730 01861868
7474703a 2f2f6f63 73702e76 65726973 69676e2e 636f6d30 12060355 1d130101
ff040830 060101ff 02010030 70060355 1d200469 30673065 060b6086 480186f8
45010717 03305630 2806082b 06010505 07020116 1c687474 70733a2f 2f777777
2e766572 69736967 6e2e636f 6d2f6370 73302a06 082b0601 05050702 02301e1a
1c687474 70733a2f 2f777777 2e766572 69736967 6e2e636f 6d2f7270 61303406
03551d1f 042d302b 3029a027 a0258623 68747470 3a2f2f63 726c2e76 65726973
69676e2e 636f6d2f 70636133 2d67352e 63726c30 0e060355 1d0f0101 ff040403
02010630 6d06082b 06010505 07010c04 61305fa1 5da05b30 59305730 55160969
6d616765 2f676966 3021301f 30070605 2b0e0302 1a04148f e5d31a86 ac8d8e6b
c3cf806a d448182c 7b192e30 25162368 7474703a 2f2f6c6f 676f2e76 65726973
69676e2e 636f6d2f 76736c6f 676f2e67 69663028 0603551d 11042130 1fa41d30
1b311930 17060355 04031310 56657269 5369676e 4d504b49 2d322d36 301d0603
551d0e04 1604140d 445c1653 44c1827e 1d20ab25 f40163d8 be79a530 1f060355
1d230418 30168014 7fd365a7 c2ddecbb f03009f3 4339fa02 af333133 300d0609
2a864886 f70d0101 05050003 82010100 0c8324ef ddc30cd9 589cfe36 b6eb8a80
4bd1a3f7 9df3cc53 ef829ea3 a1e697c1 589d756c e01d1b4c fad1c12d 05c0ea6e
b2227055 d9203340 3307c265 83fa8f43 379bea0e 9a6c70ee f69c803b d937f47a
6decd018 7d494aca 99c71928 a2bed877 24f78526 866d8705 404167d1 273aeddc
481d22cd 0b0b8bbc f4b17bfd b499a8e9 762ae11a 2d876e74 d388dd1e 22c6df16
b62b8214 0a945cf2 50ecafce ff62370d ad65d306 4153ed02 14c8b558 28a1ace0
5becb37f 954afb03 c8ad26db e6667812 4ad99f42 fbe198e6 42839b8f 8f6724e8
6119b5dd cdb50b26 058ec36e c4c875b8 46cfe218 065ea9ae a8819a47 16de0c28
6c2527b9 deb78458 c61f381e a4c4cb66
quit
telnet timeout 5
ssh scopy enable
ssh 172.16.200.0 255.255.255.0 NAZCO
ssh timeout 5
ssh key-exchange group dh-group1-sha1
console timeout 0
management-access NAZCO
dhcp-client update dns server both
dhcpd dns
dhcpd update dns both
dhcpd address 172.16.200.20-172.16.200.89 NAZCO
dhcpd dns 172.16.20.1 172.16.4.1 interface NAZCO
dhcpd lease 1048575 interface NAZCO
dhcpd update dns both interface NAZCO
dhcpd enable NAZCO
threat-detection basic-threat
threat-detection statistics
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
ssl encryption rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1
username admin password bZmVDHuxUzzxS3yz encrypted privilege 15
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
inspect icmp error
class class-default
user-statistics accounting
service-policy global_policy global
prompt hostname context
service call-home
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
hpm topN enable
Cryptochecksum:357b7c6f861e8aa9bb3a3674a789b39b
: end
asdm image disk0:/asdm-721.bin
no asdm history enable

Hi
Looks like the AAA configuration is set for local
aaa authentication enable console LOCAL
aaa authentication http console LOCAL
aaa authentication serial console LOCAL
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
Change it to Radius
aaa-server Keefa-Raduis protocol radius
aaa-server Keefa-Raduis (NAZCO) host 172.16.200.10
key *****
radius-common-pw *****
for example :
aaa authentication telnet console Keefa-Raduis LOCAL
Now when you will do telnet to using Radius credentials, Its Should work, If radius goes down you can use LOCAL username and password as fallback method.
Cheers!
Minakshi(Do rate the helpful post)

Windows Domain Controller on Windows Server 2012 R2: Hyper-V roaming profiles not loading due to slow connection

I have racked my brain and done everything that I know to do for about two weeks now. I am setting up a new system at our fire department and I am having the worst luck with getting the workstations to login to the domain controller with roaming
profiles. It keeps telling me that the roaming profile could not be loaded because of a slow connection. These are workstations that are connected directly to the switch that the DC is connected to. I have tried multiple connections regarding
the layout (DC into the router, router into the switch). The router is a Cisco RV220W. I have two VLANS, one for public and one for private domain. The Private VLAN has DHCP turned off since I am providing it through the DC. I currently
have a connection from the Private VLAN going to the unmanaged switch that the workstations and server are plugged into.
The server is a Dell PowerEdge R420 that has 6 NIC ports (1 dual port and 1 quad port). I have a virtual switch setup on Hyper-V for an external port (let's say Card 2 Port 3) that is assigned to the WS 2012R2 Domain Controller. The DC can see
the internet fine and the workstations can connect to the shared folders on the server. I can retrieve files by just using the computer name or FQDN. The DC is also running DNS and DHCP. The DNS has the _msdcs setup from when I installed
the active directory role. I have attempted to assign static IP addresses to the workstations:
IP:                     10.0.0.80
Subnet:             255.255.255.0
IPV4 Gateway: 10.0.0.1
IPV4 DNS:        10.0.0.12
I've attempted "append the specific DNS suffix", I've "registered the connection in DNS", I've used "use this connections suffix in DNS registration".
The server is assigned:
IP:                     10.0.0.12
Subnet:             255.255.255.0
IPV4 Gateway: 10.0.0.1
IPV4 DNS:         10.0.0.12
The DNS entries have forwarders that forward to my ISP DNS servers for lookup
I've enabled and disabled DHCP, I've installed a new VM just to create another DC to make sure that I didn't goof up when I created it.
I've lost my patience with this project and am sinking fast. Can someone please offer some advice as to what I've done wrong? I've created this exact scenario at work many times but, I've never done it with Windows Server 2012. Is this
possibly something to do with the Dell PowerEdge server (Generation 12) with the SR-IOV? I am going to attempt to work on it some more tomorrow when I get over there. I think there may be an issue with the SR-IOV not being enabled on the machine
through the Dell Bios. Would the SR-IOV really cause the workstations to report a slow connection? When I login at the domain controller the roaming profiles and folder redirection work fine so, I know the GPO settings are correct. I don't
have "ignore slow connections" or any of those GPO's set. I need to get it working the correct way so, I didn't want to fool the server when there is another underlying problem. Any help that someone can offer, I am more than willing
to listen. If you need more information, please ask.
Thanks,
Jay

So, I've managed to research this some more since Thursday and I've come to the conclusion that Hyper-V does a horrible job of supporting Qualcomm NIC cards. That's the only thing I can conclude as far as where the issue is originating. I've read many
post and walkthroughs but nothing that has helped. The issue wasn't with any settings in the domain controller. The issue was that there really is a slow connection originating at the domain controller that is a VM and has network connectivity through the
virtual switch from Hyper-V. So, next question is, how do I get the DC to have better connectivity through the NIC that Hyper-V won't give it? If hyper-v would allow passthrough, this would be so much simpler. VM-ware is looking really good at this point.
Im disappointed in MS right now.

How do I change the URL to the Remote Web Access server in Windows Server 2012?

Hallo!
I have set up a Remote Dexktop Service using the "Quick" deployment method in Server Manager and everything is working greate internally, but I cannot start an app published in Remote Web Access from outside our network.
The problem is that it wants to start the using the internal URL, for example, server.domain.local, instead of the external one, for example remote.server.com.
I therefore want to know how I can change the default URL for the Remote Web Access server and all the Remote Web Apps in Windows Server 2012?
I have allready looked in Server Manager and I can change some of the deployment settings in server manager, but there is no way to alter the URL of the Remote Web Access server. See below images:
Pressing the internal URL only results in opening the internal URL.
This was very simple to do in Windows Server 2008 R2 using the tsconfig tool, but it does not seam to be any way of solving this in server manager.
A possible sollution would be to alter the registry someware in HKLM->Software->Microsoft->Windows NT->Terminal Services. But this can easaly lead to problems due to wrong format, etc. and is probably not supported.
Is there a simpler and supported way?

That option can be used to connect to any machine that you want. The error message indicates that the client machine cannot resolve the name "server.domain.local" to an IP address that it can connect to.
You have several options for configuring that tab on the RDweb site. You can even remove it entirely.
Customization of RD Web Site
RD Web provides a number of customization options for the RD Web interface, including the ability to control default Gateway server settings and redirection settings. These settings
are controlled by editing the web.config file located in %SYSTEMROOT%\Web\RDWeb\Pages.
Displaying Local Help
To display local help for users instead of the web-based help, edit the LocalHelp value and change the value from false to true.

<add key="LocalHelp" value="false" />
When this value is changed, a user that clicks on Help in the upper right corner of the RD Web login page will open the local help file instead of web-based help.
Hiding the Connect to a Remote PC Tab
The RDWeb page
Connect to a Remote PC tab can be hidden from users to prevent connections to any servers through RD Web other than the servers configured in a collection. By default, this setting is set to true and the
Remote Desktops tab is displayed. To hide the tab, set the value to false.

<add key="ShowDesktops" value="true" />
When the value is set to false, a user will not see the Connect to a Remote PC tab when logged on to the RD Web page
RD Gateway Settings
If the Connect to a Remote PC tab is enabled, an administrator can configure RD Web to use a Gateway server when connecting to remote computers. To specify a gateway, edit the below
value with the name of the RD Gateway server:

<add key="DefaultTSGateway" value="" />
The default authentication method for the RD Gateway server can also be configured by editing the following section of the web.config:

<add key="GatewayCredentialsSource" value="0" />
Devices and Resources
By default, only Printers and Clipboard are redirected on connections made using the Connect to a Remote PC tab. If the user clicks the
Options << button, the redirection settings for a specific connection can be modified
To configure each specified redirection option to be enabled or disabled by default, edit the following section in the web.config file:

<add key="xPrinterRedirection" value="true" />
<add key="xClipboard" value="true" />
<add key="xDriveRedirection" value="false" />
<add key="xPnPRedirection" value="false" />
<add key="xPortRedirection" value="false" />
LAN Experience Defaults
Windows Server 2012 RD Web Access can display a new user selectable option for optimizing the connection for a LAN experience. This option is displayed at the bottom of the RD Web
page and can be controlled by the administrator using the following section of the web.config file:

<add key="ShowOptimizeExperience" value="false" />
<add key="OptimizeExperienceState" value="false" />
This value is set to false by default, but when changed to true, the following checkbox will display at the bottom of the webpage. The LAN experience
checkbox can also be set as enabled by default.
Each setting can also be modified using the IIS Manager user interface:
Don Geddes - SR Support Escalation Engineer - Remote Desktop Services - Printing and Imaging

Not working properly Computer Browser service in Windows Server 2012

Good afternoon.
Migrated from 2003 to 2012 Active Directory, all is good, but the service Computer Browser in Windows Server 2012 is not working properly.
Online, there are several hundred computers, one network, no segments. PDC is the Master Browser, it is in my list of all the computers, but gives customers or Backup Browser computers only part, and in alphabetical order, giving the first 70 computers and
all.
Looked packet sniffer:
Microsoft Windows Lanman Remote API Protocol
Entry Count: 70
Available Entries: 251
So on Master Browser shows 251 computer, and the client 70.
If disabled on Windows Server 2012 Service Computer Browser, Master Browser is a computer running Windows Server 2003. He gives all computers.
What is the problem, how to get Windows Server 2012 to work correctly as a Master Browser?

More info. I have high lighted in bold where the issue is. This is a massive headache for me at the moment
Frame: Number = 377, Captured Frame Length = 182, MediaType = ETHERNET
- Ethernet: Etype = Internet IP (IPv4),DestinationAddress:[00-13-72-52-6E-A1],SourceAddress:[00-1E-0B-2B-68-DD]
- DestinationAddress: Dell Inc. 526EA1 [00-13-72-52-6E-A1]
     Rsv: (000000..)
     UL: (......0.) Universally Administered Address
     IG: (.......0) Individual address (unicast)
- SourceAddress: 001E0B 2B68DD [00-1E-0B-2B-68-DD]
     Rsv: (000000..)
     UL: (......0.) Universally Administered Address
     IG: (.......0) Individual address (unicast)
    EthernetType: Internet IP (IPv4), 2048(0x800)
- Ipv4: Src = 10.44.46.101, Dest = 10.44.44.14, Next Protocol = TCP, Packet ID = 14025, Total IP Length = 168
- Versions: IPv4, Internet Protocol; Header Length = 20
     Version:      (0100....) IPv4, Internet Protocol
     HeaderLength: (....0101) 20 bytes (0x5)
- DifferentiatedServicesField: DSCP: 0, ECN: 0
     DSCP: (000000..) Differentiated services codepoint 0
     ECT: (......0.) ECN-Capable Transport not set
     CE:   (.......0) ECN-CE not set
    TotalLength: 168 (0xA8)
    Identification: 14025 (0x36C9)
- FragmentFlags: 16384 (0x4000)
     Reserved: (0...............)
     DF:       (.1..............) Do not fragment
     MF:       (..0.............) This is the last fragment
     Offset:   (...0000000000000) 0
    TimeToLive: 128 (0x80)
    NextProtocol: TCP, 6(0x6)
    Checksum: 0 (0x0)
    SourceAddress: 10.44.46.101
    DestinationAddress: 10.44.44.14
- Tcp: Flags=...AP..., SrcPort=65372, DstPort=NETBIOS Session Service(139), PayloadLen=128, Seq=1910965363 - 1910965491, Ack=580319796, Win=252 (scale factor 0x8) = 64512
    SrcPort: 65372
    DstPort: NETBIOS Session Service(139)
    SequenceNumber: 1910965363 (0x71E70473)
    AcknowledgementNumber: 580319796 (0x2296FA34)
- DataOffset: 80 (0x50)
     DataOffset: (0101....) 20 bytes
     Reserved:   (....000.)
     NS:         (.......0) Nonce Sum not significant
- Flags: ...AP...
     CWR:    (0.......) CWR not significant
     ECE:    (.0......) ECN-Echo not significant
     Urgent: (..0.....) Not Urgent Data
     Ack:    (...1....) Acknowledgement field significant
     Push:   (....1...) Push Function
     Reset: (.....0..) No Reset
     Syn:    (......0.) Not Synchronize sequence numbers
     Fin:    (.......0) Not End of data
    Window: 252 (scale factor 0x8) = 64512
    Checksum: 0x6F65, Disregarded
    UrgentPointer: 0 (0x0)
    TCPPayload: SourcePort = 65372, DestinationPort = 139
- Nbtss: SESSION MESSAGE, Length =124
    PacketType: SESSION MESSAGE, 0(0x00)
- Flags: Add 0 to Length
     Reserved: (0000000.)
     Extension: (.......0)Add 0 to Length
    Length: 124(0x7C)
- SMB: C; Transaction, Remote Administration Protocol, FileName = \PIPE\LANMAN
    Protocol: SMB
    Command: Transaction 37(0x25)
- NTStatus: 0x0, Facility = FACILITY_SYSTEM, Severity = STATUS_SEVERITY_SUCCESS, Code = (0) STATUS_SUCCESS
     Code:     (................0000000000000000) (0) STATUS_SUCCESS
     Facility: (...0000000000000................) FACILITY_SYSTEM
     Customer: (..0.............................) NOT Customer Defined
     Severity: (00..............................) STATUS_SEVERITY_SUCCESS
- SMBHeader: Command, TID: 0x2001, PID: 0x276C, UID: 0x3801, MID: 0x0140
   - Flags: 24 (0x18)
      LockAndRead:     (.......0) LOCK_AND_READ and WRITE_AND_UNLOCK NOT supported (Obsolete) (SMB_FLAGS_LOCK_AND_READ_OK)
      NoAck:           (......0.) An ACK response is needed (SMB_FLAGS_SEND_NO_ACK[only applicable when SMB transport is NetBIOS over IPX])
      Reserved_bit2:   (.....0..) Reserved (Must Be Zero)
      CaseInsensitive: (....1...) SMB paths are case-insensitive (SMB_FLAGS_CASE_INSENSITIVE)
      Canonicalized:   (...1....) Canonicalized File and pathnames (Obsolete) (SMB_FLAGS_CANONICALIZED_PATHS)
      Oplock:          (..0.....) Oplocks NOT supported for OPEN, CREATE & CREATE_NEW (Obsolete) (SMB_FLAGS_OPLOCK)
      OplockNotify:    (.0......) Notifications NOT supported for OPEN, CREATE & CREATE_NEW (Obsolete) (SMB_FLAGS_OPLOCK_NOTIFY_ANY)
      FromServer:      (0.......) Command - SMB is being sent from the client (SMB_FLAGS_SERVER_TO_REDIR)
   - Flags2: 51207 (0xC807)
      KnowsLongFiles:            (...............1) Understands Long File Names (SMB_FLAGS2_KNOWS_LONG_NAMES)
      KnowsEas:                  (..............1.) Understands extended attributes (SMB_FLAGS2_KNOWS_EAS)
      SmbSecuritySignature:      (.............1..) Security signatures enabled (SMB_FLAGS2_SMB_SECURITY_SIGNATURE)
      Compressed:                (............0...) Compression Disabled for REQ_NT_WRITE_ANDX and RESP_READ_ANDX (SMB_FLAGS2_COMPRESSED)
      SecuritySignatureRequired: (...........0....) Security Signatures are NOT required (SMB_FLAGS2_SMB_SECURITY_SIGNATURE_REQUIRED)
      Reserved_bit5:             (..........0.....) Reserved (Must Be Zero)
      IsLongName:                (.........0......) DO NOT use Long File Names (SMB_FLAGS2_IS_LONG_NAME)
      Reserved_bits7_9:          (......000.......) Reserved (Must Be Zero)
      ReparsePath:               (.....0..........) NOT a Reparse path (SMB_FLAGS2_REPARSE_PATH)
      ExtendedSecurity:          (....1...........) Aware of extended security (SMB_FLAGS2_EXTENDED_SECURITY)
      Dfs:                       (...0............) NO DFS namespace (SMB_FLAGS2_DFS)
      Paging:                    (..0.............) Read operation will NOT be permitted unless user has permission (NO Paging IO) (SMB_FLAGS2_PAGING_IO)
      NTStatus:                  (.1..............) Using 32-bit NT status error codes (SMB_FLAGS2_NT_STATUS)
      Unicode:                   (1...............) Using UNICODE strings (SMB_FLAGS2_UNICODE)
     PIDHigh: 0 (0x0)
     SecuritySignature: 0x0
     Unused: 0 (0x0)
     TreeID: 8193 (0x2001)
     ProcessID: 10092 (0x276C)
     UserID: 14337 (0x3801)
     MultiplexID: 320 (0x140)
- CTransaction:
     WordCount: 14 (0xE)
     TotalParameterCount: 32 (0x20)
     TotalDataCount: 0 (0x0)
     MaxParameterCount: 8 (0x8)
     MaxDataCount: 4200 (0x1068)
     MaxSetupCount: 0 (0x0)
     Reserved: 0 (0x0)
   - Flags: Do NOT disconnect TID
      Disconnect: (...............0) Do NOT disconnect TID
      NoResponse: (..............0.) Server response to the client
      Reserved:   (00000000000000..) Reserved
     Timeout: 5000 milli sec(s)
     Reserved2: 0 (0x0)
     ParameterCount: 32 (0x20)
     ParameterOffset: 92 (0x5C)
     DataCount: 0 (0x0)
     DataOffset: 0 (0x0)
     SetupCount: 0 (0x0)
     Reserved3: 0 (0x0)
     ByteCount: 61 (0x3D)
   - RemoteAPIBuffer:
    - FileName: \PIPE\LANMAN
     - Align: 1 Bytes
        AlignBytes: Binary Large Object (1 Bytes)
       Name: \PIPE\LANMAN
      Pad1: Binary Large Object (2 Bytes)
- RAPRequest: NetServerEnum2 Request, InfoLevel = 1, SV_TYPE_ALL: All in NSNET
    RAPOpcode: NetServerEnum2
- ParameterDescriptor: WrLehDz; 4 send, 1 receive parameter
     Param: (W) WORD (send parameter, 16 bit integer)
     Param: (r) Receive buffer (format in data descriptor) (receive data, 0 bit integer)
     Param: (L) Receive buffer length (send/receive parameter, 16/16 bit integer)
     Param: (e) Entries read (receive data, 0 bit integer)
     Param: (h) WORD (receive parameter, 16 bit integer)
     Param: (D) DWORD (send parameter, 32 bit integer)
     Param: (z) ASCIIZ (send parameter, 8 bit integer)
     Param: ASCII NUL (string terminator)
- DataDescriptor: B16BBDz; data bytes send: 0, receive: 34
   - Datum: (B) BYTE[16] (receive data, 8 bit integer)
      Datum: (B) BYTE (receive data, 8 bit integer)
      Digit: 1
      Digit: 6
     Datum: (B) BYTE (receive data, 8 bit integer)
     Datum: (B) BYTE (receive data, 8 bit integer)
     Datum: (D) DWORD (receive data, 32 bit integer)
     Datum: (z) ASCIIZ* (receive data offset, 32 bit integer)
     Datum: ASCII NUL (string terminator)
- NetServerEnum2: SV_TYPE_ALL: All in NSNET
     InfoLevel: (1) SERVER_INFO_1
     ReceiveBufferSize: 4200 (0x1068)
   - ServerType: SV_TYPE_ALL: All
      Workstation:      (...............................1) All workstations
      Server:           (..............................1.) All computers with the server service running
      Sqlserver:        (.............................1..) All running Microsoft SQL Server
      DomainCtrl:       (............................1...) All primary domain controllers
      DomainBakctrl:    (...........................1....) All backup domain controllers
      TimeSource:       (..........................1.....) All Time servers
      AFP:              (.........................1......) All Apple File Protocol servers
      Novell:           (........................1.......) All Novell servers
      DomainMember:     (.......................1........) All LAN Manager 2.x domain members
      PrintqServer:     (......................1.........) All print servers
      DialinServer:     (.....................1..........) All dial-in servers
      ServerUnix:       (....................1...........) All Unix/Xenix servers
      NT:               (...................1............) All Windows NT workstations or servers
      WFW:              (..................1.............) All Windows for Workgroups servers
      ServerMFPN:       (.................1..............) All Microsoft File and Print for NetWare servers
      ServerNT:         (................1...............) All non-domain controller servers
      PotentialBrowser: (...............1................) All servers that can run the browser service
      BackupBrowser:    (..............1.................) All backup browsers
      MasterBrowser:    (.............1..................) All master browsers
      DomainMaster:     (............1...................) All domain master browsers
      Reserved1:        (..........11....................)
      Windows:          (.........1......................) All Windows 95 or later
      DFS:              (........1.......................) All DFS root servers
      ClusterNT:        (.......1........................) All NT Clusters
      Terminalserver:   (......1.........................) All Terminal Servers
      ClusterVSNT:      (.....1..........................) All NT Cluster Virtual Server Names
      DCE:              (....1...........................) AllIBM DSS (Directory & Security Services)
      Reserved2:        (...1............................)
      AlternateXport:   (..1.............................) Return list for alternate transport
      LocalListOnly:    (.1..............................) Return local list only
      DomainEnum:       (1...............................) Enumerate primary domain
     Domain: NSNET
Then the reply;
   Frame: Number = 378, Captured Frame Length = 1514, MediaType = ETHERNET
+ Ethernet: Etype = Internet IP (IPv4),DestinationAddress:[00-1E-0B-2B-68-DD],SourceAddress:[00-13-72-52-6E-A1]
+ Ipv4: Src = 10.44.44.14, Dest = 10.44.46.101, Next Protocol = TCP, Packet ID = 27036, Total IP Length = 1500
+ Tcp: Flags=...A...., SrcPort=NETBIOS Session Service(139), DstPort=65372, PayloadLen=1460, Seq=580319796 - 580321256, Ack=1910965491, Win=253 (scale factor 0x8) = 64768
+ Nbtss: SESSION MESSAGE, Length =2013
+ SMB: R; Transaction, Remote Administration Protocol
- RAPResponse: NetServerEnum2 Response, Count = 31
    Win32ErrorCode: 0x00000000 - ERROR_SUCCESS - The operation completed successfully.
    Converter: 2251 (0x8CB)
- NetServerEnum2: Count = 31
     EntriesReturned: 31 (0x1F)
     EntriesAvailable: 31 (0x1F)
   + NetServerInfo1: APOLLO
   + NetServerInfo1: ARTEMIS
   + NetServerInfo1: ASKLEPIOS
   + NetServerInfo1: CASTOR
   + NetServerInfo1: DCC4503-131L
   + NetServerInfo1: DCC4503-155L
   + NetServerInfo1: DCC4503-157L
   + NetServerInfo1: DCC4503-161L
   + NetServerInfo1: DCC4503-171L
   + NetServerInfo1: DCC4503-172L
   + NetServerInfo1: DCC4503-175L
   + NetServerInfo1: DCC4503-177L
   + NetServerInfo1: DCC4503-183L
   + NetServerInfo1: DCC4503-184L
   + NetServerInfo1: DCC4503-185L
   + NetServerInfo1: DCC4503-188L
   + NetServerInfo1: DCC4503-196L
   + NetServerInfo1: DCC4503-197L
   + NetServerInfo1: DCC4503-199L
   + NetServerInfo1: DCC4503-202L
   + NetServerInfo1: DCC4503-203L
   + NetServerInfo1: DCC4503-205L
   + NetServerInfo1: DCC4503-210L
   + NetServerInfo1: DCC4503-213L
   + NetServerInfo1: DCC4503-219L
   + NetServerInfo1: DCC4503-220L
   + NetServerInfo1: DCC4503-228L
   + NetServerInfo1: DCC4503-233L
   + NetServerInfo1: DCC4503-234L
   + NetServerInfo1: DCC4503-236L
   + NetServerInfo1: DCC4503-241L
    StringData: Binary Large Object (586 Bytes)

Enable Lan Routing Windows Server 2012

Similar Messages

Maybe you are looking for