Win98 and Pinging

I have two PC's on the same network. Both have Windows 98 and are set up identically (with regards to network setup, gateway, tcpip etc) the only difference is that they each have a different kind of network card.

Our company hosts multiple web sites, for the sake of this example let's call them, and One of the Win98 PC's can ping all three addresses or go into IE and bring all three web sites up within its browser, the other PC can only bring up the first web site in IE and can only ping the first IP address.

Could it be the network card itself that is the problem?
Who is Participating?

Improve company productivity with a Business Account.Sign Up

dcgamesConnect With a Mentor Commented:
There is only two things that can be:

a) Your PCs DONT have the same setup

b) Your firewall has special arrangements for one (or some) of the PCs.

The best thing to do to verify that the PCs are EXACTLY the same, is to open a DOS session (run command) and get the output from the following commands:


The only differences should be the IP address of the PC and the name of the network card. Pay special attention to the routes, network masks, the ORDER of DNS entries, etc.

Once this has been verified, the only explanation is the firewall.

The PC that CAN ping probably has it's IP address entered in an ACL (Access Control List) in the firewall.

The firewall starts by closing down things it doesn't want to allow. Such as blocking ICMP packets, thus preventing PING.

You then poke holes in it for specific things. For example, for everyone being able to access IP address X, port Y, or for a specific machine being able to do the same.

Get your firewall documentation and start looking there.

I would think that is pretty doubtful.  What happens when you try to ping the other sites?  Do you get name resolution?  Can you ping by address?  What happens when you trace route to the sites?  Is there a firewall in place?  Could it be an errant rule?  What happens if you change the IP of the malfunctioning PC to that of the functioning one?
ONYXAuthor Commented:
When I ping the other sites, it replies with the message "unknown host", which I guess means that there is no name resolution. But why would one machine resolve it and another won't? Is there a DNS setting that I need to change?

There is a firewall in place...does that have something to do with it?

I'll try your other recommendations and let you know. Thanks
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

If its "unknown host" than its definitely a name resolution problem.  I doubt if a firewall is blocking that although it potentially could.  Can you ping or get to the sites by IP address?  Do both machines have the same DNS server at the top of their DNS list (look in winipcfg)?  If these are DHCP, try renewing the lease on the malfunctioning box.
ONYXAuthor Commented:
We host multiple web sites using the same IP address. I can ping that IP address, but when I go into IE and try and bring up the web site with the IP address, it will only bring up the first one:, so it cannot bring up or I don't know if there is some hierachy to it or not.

I looked in winipcfg and the DNS server is the same. I tried swapping IP addresses between the malfunctioning box and the working one, but that made no difference.

Can the problematic box resolve ANY internal names?  What about external names?  Is it the only box in the company having problems?
ONYXAuthor Commented:
Yes it can ping internal names, howwever, I tried to ping some other external web sites (,, and I could ping yahoo and espn but on the other two, the request timed out. There are some other boxes having problems, perhaps the speed of the box????
check the host file for incorrect entries
can you ping them by ip address (not domain name)
As to your last post - you can't ping those two sites because those companies block ICMP with their firewalls.  The main thing to see during those tests is whether or not it tries to ping an IP address or fails with an "unknown host".  For example when pinging, you should at least see:

Pinging [] with 32 bytes of data:

After that you see the "request timed out".

The speed of the box should have nothing to do with it.

So the data we've established so far is that you have:

- multiple clients having trouble resolving some internal DNS names
- problem boxes can resolve all external names (to best of knowledge
- pinging by IP works fine
- settings of working and non-working boxes are the same

The only other question I have is whether or not the symptoms are the same on all non-working boxes - in other words, are they not resolving the exact same names or does it appear random?

Stevenlewis' comment about the host file is a possibility, but the fact that multiple clients are having issues would make me lean against that.

If you have multiple DNS servers in the client list, I would try to manually go through each of them by putting one entry in the list and reboot.  Try the internal name, record the results, then change the entry to the next DNS server and repeat.  Keep doing this until you have gotten through the full list.  If they all failed, then I would definitely contact your DNS and firewall administrators and get them involved.

ONYXAuthor Commented:
The symptoms are the same among all the non-working machines. I tried to ping from all of the non-working ones and received the "Request Timed Out" from each of them. We do, in fact, have multiple DNS servers and I have tried removing each one and rebooting...but I get the same result.

Unfortuntately, I'm both the DNS and Firewall admin, and I'm new to all of this (in case you hadn't figured that out). The odd part is that we have multiple web sites running on this server, and I can ping and/or access most of the other ones, but there is a couple that I cannot get to internally. I guess I need to examine their configurations within DNS to see what is different about them, although they all seem to be set up the same way.

Pardon my ignorance, but how could a firewall affect all of this?

Thanks again for all your help.

Like I said, the problem with pinging is NOT a problem.  NOBODY can ping it because they have set their firewall to not allow it.  I can't ping it either.  Again, your problem here is only name resolution.  So, in this case as long as you get the first line "Pinging [] with 32 bytes of data:", and not "Unknown host", then they are working fine for that name.  

As far as the firewall goes, it is an unlikely source of the problem, but I can see a potential problem where the DNS names are only stored in 1 server and there are rules that only allow a certain range of computers to talk to the DNS server, and that rule has excluded a portion of the client base.  This could cause the clients to go to other servers that don't contain those names.

Your last post makes me a bit confused on whether or not you have multiple machines experiencing the same problem.  Are multiple machines not able to resolve names for the SAME INTERNAL DNS names?  Which machines can?  Which machines can't?  Any correlation to segment, location, OS, etc?  Any entries in the host files?  Do the ones that WORK have entries in the host files, and maybe DNS isn't working correctly for these names?
ONYXAuthor Commented:
I understand that not being able to ping is not a problem, I was just verifying that I was getting the correct message.

Sorry for the confusion, I do have multiple Win98 PC's that cannot ping the same internal DNS names...but the oddity is that I have one Win98 PC that can. The are set up identically.

I did figure something else out though, I have two DNS servers listed in my network config and I cannot ping one of them.

There are no entries in any of the host files on any of the working or non-working PC's.

One more thing in the "pay special attention to" category. The GATEWAY values.

ONYXAuthor Commented:
Thanks for the suggestion, I'll have a look.

I have another related question that kind of came up in this excercise....

Why would a web site reject or block ICMP packets? Is is a security measure? What possible damage could this do?
Security measure - ICMP can be used for DOS attacks.  If a web server is hit by enough pings at once, it can choke out any other service.
I am not sure how anyone can be troubleshooting this problem with the lack of information being transmitted.

ONYX, You need to clarify the setup of your network a bit further.

1. What are the ip addresses of the pc's you are using to ping your three websites?

2. Are the pc's on the same hub?

3. Are you trying to ping internal or external ip addresses?

4. What type of Firewall do you have?

5. What are the results of a trace route?

From what I understand, you are trying to ping a domain that has an external ip address. This domain is hosted internally to your netwrok. The problem comes from trying to ping this external ip address (resolved) from inside your network. So if you were to perform a trace route to these domains, you would being going out one interface of the firewall and back in the same interface on the same firewall. If this is the case, this may be your problem. I know for a fact that Cisco Pix boxes do not allow this to happen for security purposes.

In order to get to the route of this problem, you need to supply the information above and then we can troubleshoot more effectively.
Since you are both the Firewall and DNS administrator (right?) you can decide what to do as far as security.

ICMP can be blocked selectively or just overall. You can explicitly state that ICMP is to be allowed from the IP address range in your network, and blocked elsewhere.

Again, look at the Access Control Lists in the firewall itself.

You  have 26 open questions today, all of which need your attention.  ADMINISTRATION WILL BE CONTACTING YOU SHORTLY.  Moderators Computer101, Netminder or Mindphaser will return to finalize these if they are still open in 7 days.  Experts, please post closing recommendations before that time.

Below are your open questions as of today.  Questions which have been inactive for 21 days or longer are considered to be abandoned and for those, your options are:
1. Accept a Comment As Answer (use the button next to the Expert's name).
2. Close the question if the information was not useful to you, but may help others. You must tell the participants why you wish to do this, and allow for Expert response.  This choice will include a refund to you, and will move this question to our PAQ (Previously Asked Question) database.  If you found information outside this question thread, please add it.
3. Ask Community Support to help split points between participating experts, or just comment here with details and we'll respond with the process.
4. Delete the question (if it has no potential value for others).
   --> Post comments for expert of your intention to delete and why
   --> YOU CANNOT DELETE A QUESTION with comments; special handling by a Moderator is required.

For special handling needs, please post a zero point question in the link below and include the URL (question QID/link) that it regards with details.
Please click this link for Help Desk, Guidelines/Member Agreement and the Question/Answer process.

Click you Member Profile to view your question history and please keep them updated. If you are a KnowledgePro user, use the Power Search option to find them.  

Questions which are LOCKED with a Proposed Answer but do not help you, should be rejected with comments added.  When you grade the question less than an A, please comment as to why.  This helps all involved, as well as others who may access this item in the future.  PLEASE DO NOT AWARD POINTS TO ME.

To view your open questions, please click the following link(s) and keep them all current with updates.

To view your locked questions, please click the following link(s) and evaluate the proposed answer.

*****  E X P E R T S    P L E A S E  ******  Leave your closing recommendations.
If you are interested in the cleanup effort, please click this link 
POINTS FOR EXPERTS awaiting comments are listed in the link below
Moderators will finalize this question if in @7 days Asker has not responded.  This will be moved to the PAQ (Previously Asked Questions) at zero points, deleted or awarded.
Thanks everyone.
Moderator @ Experts Exchange
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.