Remote Access Troubleshooting tools
Updated: January 21, 2005
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
To help you gather information to troubleshoot problems with the remote access server, the following troubleshooting tools are available:
Authentication and accounting logging. For more information see Logging.
Event logging records errors, warnings, and events in the system event log.
PPP logging creates a log file of the PPP control messages that are sent and received during a PPP connection.
Tracing records the sequence of programming functions called during a process to a file. For more information, see Using tracing.
Network Monitor captures traffic sent between a remote access server and dial-up client during the PPP connection process and during data transfer.
Netsh commands for remote access configure and display remote access settings for a server running Routing and Remote Access. For more information, see Netsh commands for remote access (ras).
Remote Access Diagnostics
You can use the Remote Access diagnostic functions available in the Windows Server 2003 family to collect detailed logs and information about a remote access connection. Diagnostics can be set from the Diagnostics tab of the properties of the connection in the Network Connection folder, or you can run specific diagnostics by typing the netsh ras diagnostics command at the command line.
Audit logging and Oakley logging for L2TP/IPSec connections
You can use the Audit Logging feature to monitor IPSec-related events. This is the fastest and simplest method to troubleshoot unsuccessful L2TP/IPSec connections. You can also enable the Oakley log to record all ISAKMP main mode or quick mode negotiations. For more information, see IPSec troubleshooting tools.
You can use event logging to record remote access server errors, warnings, and other detailed information in the system event log. You can enable event logging on the Event Logging tab on the properties of a remote access server. For more information, see View properties of the remote access server.
PPP logging records the series of programming functions and PPP control messages during a PPP connection and is a valuable source of troubleshooting information when you are troubleshooting the failure of a PPP connection. To enable PPP logging, select the Enable Point-to-Point Protocol (PPP) logging option on the PPP tab on the properties of a remote access server. For more information, see View properties of the remote access server.
The PPP log in Windows NT 4.0 has been replaced by the tracing function. To duplicate the PPP log, you need to enable file tracing for the PPP key. By default, the PPP log is stored as the ppp.log file in the systemroot\Tracing folder. For more information on tracing options, see Using tracing.
Network Monitor can capture the network traffic between a dial-up networking client and the remote access server. By analyzing remote access traffic, you can find answers to remote access problems and possible solutions or workarounds. For more information, see Install and Configure Network Monitor.
The proper interpretation of remote access traffic with Network Monitor requires an in-depth understanding of PPP and other protocols. You can save Network Monitor traces as files and send them to Microsoft Product Support Services for analysis.