Solved

Funky new client setup- Need help ASAP

Posted on 2004-08-23
22
357 Views
Last Modified: 2010-03-17
I went to a new clients offices this afternoon to check out "wierd internet and email problems"....Well, it sure is wierd.  There's only 8 employees who 3 offices and one big "main" area with desks.  They have a DSL modem sitting underneath one of the desks.  Now,  this little DSL modem is plugged directly into a little Linksys "Router/Firewall" that is also just sitting under the desk, and there is one PC and a printer plugged into the router/firewall as well.  This is the only PC that is not having any issues.  The rest of the PCs and the 2 servers are either plugged directly into a Cat5 wall jack or into another little switch/router under some desk, and all these machines can't reach some sites, can't send email, etc....They do not have a mail server, and I went over their internal DNS, which looks fine (W2k).  all machines on the network are Windows 2000.  I, for the life of me, can't find where any Cat5 cables dump out into a comm closet or anything, so I'm stupmed as to how to fix this.  Basically, I think I need to get the modem plugged into a switch, and have all PCs plugged directly into that switch, correct?  But if I can't find where the jacks are terminated, what should I do?  I ned to do this tomorrow morning, so some quick help would be much appreciated.  Thanks.
0
Comment
Question by:tenover
  • 7
  • 5
  • 3
  • +3
22 Comments
 
LVL 1

Expert Comment

by:master_chris
Comment Utility
Indeedly correct. All Pc's should be plugged into a switch.

You say that they have a ADSL modem, plugged into a Linksys Router/Firewall with one PC running off it.  There needs to be another hub/switch running off it because it needs to be connected somehow.

On these other machines in the office, do they have an active network connection. Do they have ip addresses?

Also if all PC's are running into the wall Cat 5 jacks, they most likely run back to a switch. Like a phone switch.

Chris
0
 
LVL 27

Expert Comment

by:pseudocyber
Comment Utility
When you say "can't reach some sites" do you mean can't reach ANY sites or so SOME work?  If SOME work, then there must be a way they're getting out.

It sounds like you need to do some topology investigation.  And, it sounds like you need to do it manually.  This means find a cable and either - a) lift the ceiling tile and look to see in what direction the wire goes and start tracing it like that, b) get someone to tug on it while you're in the crawlspace underneath and find it and trace it, or c) have someone tug on it while you're in the attic and trace it.

Now, if the cables run through the ceiling and there's an upstairs, then you need some special tools.  I call them a Toner and Probe but different people call them different things.  Basically, you put the toner on the wire and it puts a musical tone on the wire.  Then, when the probe gets close to the wire, it picks up the tone and amplifies it.  This lets you identify wires by "toning them out".  They really need to hire you to do some basic documentation of their network and identify what connects where and do some diagrams.

When you do find the hub or switch they're all using then you could run a crossover cable from it back to the Linksys and it should work fine.

Hope this helps.
0
 

Author Comment

by:tenover
Comment Utility
Yeah, that's what I thought....The only computer that can get out to ALL Sites is the one plugged directly into the little router/firewall that is plugged directly in to the modem.  All other PCs/servers can access some sites, but not all.  Here's a thought-
When looking at their setup, all PCs are setup to use "192.168.1.1" as their Gateway, which is the Linksys router/firewall.  Now, I found at least one more Linksys "router" that they have plugged in under another desk that (I think) they thought was just a little hub, at least that's all they're using it for, and I'm thinking that router probably also has the default 192.168.1.1 address....Could that be the issue?  Some clients see that little router and not the other one?
0
 
LVL 27

Expert Comment

by:pseudocyber
Comment Utility
You could take the second one, then run a crossover from a LAN connection to a LAN connection on the first and it will be a router/switch and the second will be a bridge/switch.
0
 
LVL 27

Accepted Solution

by:
pseudocyber earned 250 total points
Comment Utility
Ps.  Turn off DHCP on the second one.  And change the IP to something like 192.168.1.5 or so.
0
 
LVL 40

Expert Comment

by:Fatal_Exception
Comment Utility
I just cannot believe that the router would be causing some sites not to be resolved, while others work just fine.  Sounds more like a dns issue to me.  If they are using outside DNS, point the PC's to that DNS server using static addresses, and make sure that the Gateway is correct.  It could be the ARP cache in the second router too, so you may want to try clearing this.

FE
0
 
LVL 27

Expert Comment

by:pseudocyber
Comment Utility
What kind of internet connection is it?  I ran into this issue recently with a vpn branch office connection where some sites would load and some wouldn't.  To resolve it, we lowered the MTU on the tunnel.
0
 

Author Comment

by:tenover
Comment Utility
It's a DSL (PPPoE), and I already tried lowering the MTU.....
0
 
LVL 40

Expert Comment

by:Fatal_Exception
Comment Utility
Did you lower the MTU according to the guide at my website.??  

Ck the Broadband Cable and DSL section:

www.doverproductions.com
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 27

Expert Comment

by:pseudocyber
Comment Utility
I think we had to take it down to 1300 ...
0
 
LVL 40

Expert Comment

by:Fatal_Exception
Comment Utility
Did you do it on the PC's and the routers?
0
 
LVL 7

Assisted Solution

by:Focusyn
Focusyn earned 250 total points
Comment Utility
My two cents - first of all - psuedocyber is on point with all comments, ESPECIALLY the one about DHCP and the LAN IP of the 'second' router.  If they are not on completely seperate networks, then either it's already set up that way, or tboth routers DO have the same IP.  

More importantly, I can explain why some sites may work and some don't, and you should be able to test this theory fairly simply;  Browsers, network drivers and OS's cache DNS information.  IF something has recently changed (for example, the second router used to be set up as a switch with DHCP turned off and its own IP address on the correct segment, but a lightning strike, employee who 'knows about computers' or some other factor has reset the switch to factory defaults) or added there may be a new conflict on the network.  DNS is the first thing to go most of the time.  If you want to test the DNS theory, start by asking questions.  Ask the employees if the sites that work are those that he or she visits often and vice versa for the ones that don't work.  Remember, users lie, so regardless of what they tell you, go to the computer that works great, go to the command prompt and do an nslookup on google.com or something (the syntax for that is "NSLOOKUP GOOGLE.COM" {ENTER} if you aren't familiar with it.  That will return the actual IP addresses of the google website.  Take down one of the IPs for the site and go plug it in to a browser on a computer with problems. For example, I"m getting 216.239.37.99 for google (it has hundreds of IPs so you may get something totally different), so I would go to a problem PC and put http://216.239.37.99 in the address bar and see if it opens.  

I use google.com as an example here - it's important to note that you should specifically find an address which the user cannot reach for testing this theory.  If they can't reach it by domain name, but plugging in the IP address works, then you have a DNS problem, probably caused by conflicts between multiple routers/firewall rules etc.

I'm assuming you don't know much about their network based on the fact that you don't know where the wires terminate, but from your explanation, the "good" system and the other systems aren't on the same network.  If you got a DSL modem going straight to a router/switch straight to a computer and there's not another network cable plugged in to that thing (the little linksys router), then you have an autonomous network there (or a wireless one, in which case everything changes), and the other users are connecting over a different WAN connection.  You really need to get more information on their network topology, and share it with us if you're still having problems.  Your explanation really sounds to me like there is an important piece of hardware somewhere in between that you are missing, and possibly multiple internet (WAN) connections in the office.  Also, if you have access to a Fluke LanMeter or competing product, I can tell yopu how to find the switch/patch panel.  
0
 
LVL 27

Expert Comment

by:pseudocyber
Comment Utility
Along with what Focusyn is saying, you could just go to one of the machines that's working intermittenly and flush the dns (ipconfig /flushdns) and clear the browser cache (tools/internet options/delete files/delete all offline content) and THEN see if they can get to a site they could before.

An interesting idea that Focusyn brought out - if the two routers were connected together and have the same IP, there will be an IP conflict between them and the results would be pretty unpredictable which one would work at any given time.
0
 
LVL 40

Expert Comment

by:Fatal_Exception
Comment Utility
Good analysis.. I agree with both...  :)
0
 

Author Comment

by:tenover
Comment Utility
Thanks guys, that's exactly what I was thinkg=ing, I was just having a hard time putting it in words.  I've already tried everything you said except for the /flushdns...I'll ask a user to try that right now.  
0
 

Expert Comment

by:zcat
Comment Utility
I had the same problem when I connected two routers together.  I was attempting to use one as a router and the other as a switch but they just kept conflicting with each other.  I had all kind of odd behavior.  The machines quit talking to each other and they would sometimes connect and then at other times would drop internet connection.  I would recommend taking a switch with you and replacing the 2nd router with it (not connected to the modem).  I am 90% sure that will solve your problem.
0
 
LVL 7

Expert Comment

by:Focusyn
Comment Utility
I'm hard pressed to make a recommendation on a recommendation, since we didn't hear back from the author as to what he did or didn't do, what did or didn't work, and what the disposition is.  At any rate, I think pseudocyber deserves at least a split for the frequent and useful non-redundant input.
0
 
LVL 27

Expert Comment

by:pseudocyber
Comment Utility
Thanks Focusyn - I think you deserve a split too! :)
0
 
LVL 40

Expert Comment

by:Fatal_Exception
Comment Utility
Yep..  agreed
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

    Over the past few years, small business and home owners have become so dependent on internet that a need for redundancy has arisen.    What happens when your small business or home / home office loses its internet connection?  The results c…
Sometimes you have to pull out old tricks to get a new firewall to work… While we were installing a new Sonicwall at a customers site we found that sites they were able to visit before were not working.  It seemed random and we could not understa…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now