Jims_Computer_Services
asked on
http does NOT work. https DOES.
Hi there,
This is most bizarre and, from different logs I have available, it appears to have started after 0229 AEST 24 October 2008 (not sure if that is relevent).
The LAN has 3 x Windows 2003 Servers and the same is happening on all 3.
IE returns the above error immediately you try to access any http site, either by name or IP address. However, https sites are working.
In my attempts to solve the issue, I have done the following:
- Rebooted modem and router.
- Rebooted servers.
- Uninstalled a Windows Update dated 24 October 2008.
- Installed Firefox.
- Flushed the DNS cache.
- Hard-coded a different DNS server in the TCP/IP properties.
- Repaired the TCP/IP stack.
- Repaired Winsock.
- Connected one of the servers to a completely different LAN, via a different modem and router that is working perfectly for the 20 Win XP clients connected to it.
- Disabled RRAS.
- Confirmed Windows Firewall/ICS was not started. There is no other firewall on the servers.
- I can ping websites without issue, and it properly resolves the IP address of those sites.
- I can telnet to port 80 of those websites without issue.
Any and all hope very much appreciated.
Thanks n regs,
Bill.
This is most bizarre and, from different logs I have available, it appears to have started after 0229 AEST 24 October 2008 (not sure if that is relevent).
The LAN has 3 x Windows 2003 Servers and the same is happening on all 3.
IE returns the above error immediately you try to access any http site, either by name or IP address. However, https sites are working.
In my attempts to solve the issue, I have done the following:
- Rebooted modem and router.
- Rebooted servers.
- Uninstalled a Windows Update dated 24 October 2008.
- Installed Firefox.
- Flushed the DNS cache.
- Hard-coded a different DNS server in the TCP/IP properties.
- Repaired the TCP/IP stack.
- Repaired Winsock.
- Connected one of the servers to a completely different LAN, via a different modem and router that is working perfectly for the 20 Win XP clients connected to it.
- Disabled RRAS.
- Confirmed Windows Firewall/ICS was not started. There is no other firewall on the servers.
- I can ping websites without issue, and it properly resolves the IP address of those sites.
- I can telnet to port 80 of those websites without issue.
Any and all hope very much appreciated.
Thanks n regs,
Bill.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Do you have a proxy server configured?
ASKER
Hi there,
There is no physical firewall except that provided by the router. I forgot to mention that in my testing, I temporarily and completely disabled that firewall and still got the same problem.
Anyway, in my testing, I connected one of the servers to a completely different LAN and still got the same issue. The other LAN is working fine for 20 Win XP Pro clients but didn't work for the server.
No, there is no Proxy server.
Stumped!!!
Bill.
There is no physical firewall except that provided by the router. I forgot to mention that in my testing, I temporarily and completely disabled that firewall and still got the same problem.
Anyway, in my testing, I connected one of the servers to a completely different LAN and still got the same issue. The other LAN is working fine for 20 Win XP Pro clients but didn't work for the server.
No, there is no Proxy server.
Stumped!!!
Bill.
Are you running IIS on your web servers?
ASKER
Hi LyonJay,
DNS is working fine because I can ping websites and it resolves the IP address.
And, I can connect to https sites via name and ip address.
Just no http sites!
Regs,
Bill.
DNS is working fine because I can ping websites and it resolves the IP address.
And, I can connect to https sites via name and ip address.
Just no http sites!
Regs,
Bill.
ASKER
Hi mrwalker15,
I am 85% sure there is no IIS on the server. The servers aren't really operating in a traditional domain. They are simply in a workgroup.
How do I tell for sure there is no IIS.
Regs,
Bill.
I am 85% sure there is no IIS on the server. The servers aren't really operating in a traditional domain. They are simply in a workgroup.
How do I tell for sure there is no IIS.
Regs,
Bill.
Are those websites internal?
ASKER
Hi again,
No, there are no internal websites. We are talking about trying to get out to the www.
For example:
- https://dc-au.server-secure.com WORKS
- http://www.google.com.au DOESN'T WORK
Regs,
Bill.
No, there are no internal websites. We are talking about trying to get out to the www.
For example:
- https://dc-au.server-secure.com WORKS
- http://www.google.com.au DOESN'T WORK
Regs,
Bill.
Could you run WFetch from the server and post the reply.
http://www.microsoft.com/downloads/details.aspx?FamilyID=56fc92ee-a71a-4c73-b628-ade629c89499&DisplayLang=en
http://www.microsoft.com/downloads/details.aspx?FamilyID=56fc92ee-a71a-4c73-b628-ade629c89499&DisplayLang=en
ASKER
Hi again,
I have downloaded the IIS Toolkit on a local PC and copied it to the server. I installed it and then ran WFetch with the default settings. Here is the output:
WWWConnect::Connect("local host","80" )
IP = "127.0.0.1:80"
source port: 4594
WWWConnect::Close("localho st","80")
closed source port: 4594
cannot send data, because connection is closed
I have downloaded the IIS Toolkit on a local PC and copied it to the server. I installed it and then ran WFetch with the default settings. Here is the output:
WWWConnect::Connect("local
IP = "127.0.0.1:80"
source port: 4594
WWWConnect::Close("localho
closed source port: 4594
cannot send data, because connection is closed
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi sensored2008,
Mmmmm. Sounds feasible. But, where would I check for the existense of this proxy?
I've checked Internet Options > Connections > LAN Settings and there is no tick in any of the boxes.
I also know it's not the modem or the router because I can replicate the problem while connected to a completely different LAN using a different modem and router.
If your suspicion is correct, it means that all the servers on the affected LAN were hit at the same time - around 0300 on October 24, which makes me lean again toward a Microsoft Update. However, I've uninstalled all updates since 23 October.
Looking forward to your comments to the above.
Regs,
Bill.
Mmmmm. Sounds feasible. But, where would I check for the existense of this proxy?
I've checked Internet Options > Connections > LAN Settings and there is no tick in any of the boxes.
I also know it's not the modem or the router because I can replicate the problem while connected to a completely different LAN using a different modem and router.
If your suspicion is correct, it means that all the servers on the affected LAN were hit at the same time - around 0300 on October 24, which makes me lean again toward a Microsoft Update. However, I've uninstalled all updates since 23 October.
Looking forward to your comments to the above.
Regs,
Bill.
Do u have isa or any internet proxy to manage internet on the network? If yes, check if you are getting any normal internet with that proxy ware disabled at first from same proxy machine and any other machine that you had tested ealier.
if you got it working normal on all check the setting on the proxy, if not let me know which failed still.
if you got it working normal on all check the setting on the proxy, if not let me know which failed still.
ASKER
Hi again,
No, there is no ISA or internet proxy.
In the meantime, I have just connected a laptop to that network and it connects to the internet without issue.
The problem is confined to the 3 x Windows 2003 Servers.
Regs,
Bill.
No, there is no ISA or internet proxy.
In the meantime, I have just connected a laptop to that network and it connects to the internet without issue.
The problem is confined to the 3 x Windows 2003 Servers.
Regs,
Bill.
well,
1. check if your router has those servers ip forwarded to that port when communicting to port 80 or if have a gpo doing the thing
2. check if the software firewall enabled on those three servers and if they are configured to communicate to port 4594 or you have a gpo doing the thing
3. scan those machine for Threats(virus or trojans)
4. Check if host and network files has been edited by in anyway
5. check if there is any common software that might be act as surf anonymous
awaiting your reply
1. check if your router has those servers ip forwarded to that port when communicting to port 80 or if have a gpo doing the thing
2. check if the software firewall enabled on those three servers and if they are configured to communicate to port 4594 or you have a gpo doing the thing
3. scan those machine for Threats(virus or trojans)
4. Check if host and network files has been edited by in anyway
5. check if there is any common software that might be act as surf anonymous
awaiting your reply
Can you run Wfetch to connect to an external address?
In the test above, you were trying to connect to the server itself but you dont have a webserver running so the test is not a good one.
In the test above, you were trying to connect to the server itself but you dont have a webserver running so the test is not a good one.
ASKER
Hello mrwalker15, LyonJay and sensored2008,
Many thanks to everyone for your contributions.
In hindsight, it was probably relevent to mention the servers run AVG v8 and that I had already tried disabling it as well as disabling each of its components.
I have just completely uninstalled it and the problem is solved. I have since downloaded and installed the latest version and the the problem is still solved.
Grisoft have already responded to my support query with the following:
"
Please let us inform you that the issue was probably caused by one of our latest update. In order to fix the issue please check the following FAQ:
http://www.avg.com/faq.num-1561
"
Great! At least they admit to it!
I had already re-installed AVG before I got their response so, I didn't get a chance to test the fix described in their FAQ.
Anyway, simply for the huge amount of knowledge you three have bestowed upon me, I will divide the points evenly. I'd like to do more.
Many thanks,
Bill.
Many thanks to everyone for your contributions.
In hindsight, it was probably relevent to mention the servers run AVG v8 and that I had already tried disabling it as well as disabling each of its components.
I have just completely uninstalled it and the problem is solved. I have since downloaded and installed the latest version and the the problem is still solved.
Grisoft have already responded to my support query with the following:
"
Please let us inform you that the issue was probably caused by one of our latest update. In order to fix the issue please check the following FAQ:
http://www.avg.com/faq.num-1561
"
Great! At least they admit to it!
I had already re-installed AVG before I got their response so, I didn't get a chance to test the fix described in their FAQ.
Anyway, simply for the huge amount of knowledge you three have bestowed upon me, I will divide the points evenly. I'd like to do more.
Many thanks,
Bill.
ASKER
I have done as you have instructed (removed tick next to Show friendly HTTP errors) but it didn't change the error message. I have reproduced it in full for you below:
Regs,
Bill.
The page cannot be displayed
The page you are looking for is currently unavailable. The Web site might be experiencing technical difficulties, or you may need to adjust your browser settings.
--------------------------
Please try the following:
Click the Refresh button, or try again later.
If you typed the page address in the Address bar, make sure that it is spelled correctly.
To check your connection settings, click the Tools menu, and then click Internet Options. On the Connections tab, click Settings. The settings should match those provided by your local area network (LAN) administrator or Internet service provider (ISP).
See if your Internet connection settings are being detected. You can set Microsoft Windows to examine your network and automatically discover network connection settings (if your network administrator has enabled this setting).
Click the Tools menu, and then click Internet Options.
On the Connections tab, click LAN Settings.
Select Automatically detect settings, and then click OK.
Some sites require 128-bit connection security. Click the Help menu and then click About Internet Explorer to determine what strength security you have installed.
If you are trying to reach a secure site, make sure your Security settings can support it. Click the Tools menu, and then click Internet Options. On the Advanced tab, scroll to the Security section and check settings for SSL 2.0, SSL 3.0, TLS 1.0, PCT 1.0.
Click the Back button to try another link.
Cannot find server or DNS Error
Internet Explorer