Can someone help me with this entry in my Event Viewer?
I am creating a small home-based business network for a CAD company and I don't fully understand some of these entries.
The Server has 2 NICS one 192.168.0 and the other 192.168.11. The server is running Windows Server 2003. The .0 Subnet has the house's personal computers. The .11 Subnet has their workstations.
For a little background, they are a home based business who hires CAD Operators and ships out computers to them so they can work from home. The company pays for an upgraded ISP connection which will make VPN connections fast enough to tolerate. It's actually a good idea because there are more baby boomer CAD operators than any generation who would love to work from home after working in an office 8-12 hours a day for 15-25 years.
Anyways, I am getting Anonymous Logons from a computer in the .0 network in the event viewer.
I find this strange because the server's .0 NIC is connected to the router and the .11 NIC is connected to a switch. So every workstation on the .11 subnet goes through the switch to get the the server and their home computers connect directly to the router and the router to the cable modem. This separates the two so that traffic generated by their personal computer will not affect performance on their work computers. When they were all on one subnet, their network programs (located on server) started slower and lagged. I am unclear why the computers on the .0 subnet are trying to log into the server. They shouldn't even be able to see the workstations on the .11 subnet. Here is the event viewer...
Successful Network Logon:
Logon ID: (0x0,0x4AC98)
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: ROBUT
Logon GUID: -
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: 192.168.0.198
Source Port: 0
My question is, Is this normal? And if it is normal, will it affect network traffic?
They constantly use autodesk/3rd party network programs (LAN and inbound internet connections) so I need to make this network as efficient as possible. And this is the only thing I can see which is out of place. Your help is very much appreciated. Thank you!
BTW I've been out of the networking/server administration scene for 7 or so years (yes, server 2003 is new to me lol) and am trying to get all of this knowledge back. So I may have more questions :P