[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 903
  • Last Modified:

Weird Networking Problem

Dear All,

Here's the scenario. The company recently upgraded from a 512k ADSL link to a 1M SHDSL link, with all WAN IPs retained. The setup:

Private LAN (10.131.17.x) f/a0 |--- Cisco 1814 ---| WIC-4ESW |--- SpeedTouch ST610s ---|  ----->> Internet

IP Addresses:

1814's WIC: 58.185.xx.193 /28
ST610s Inside: 58.185.xx.194 /28
ST610s WAN: 203.115.xx.78 /30
ISP: 203.115.xx.77 /30

After setting up the ST610s, I connected back everything as it originally was. I then plugged my laptop from 1814's fa0, could ping all the way the ISP's IP (203.115.xx.77) but I just couldn't surf the net (from any other workstations). I tried doing a ping to the ISP's DNS without problems too. Whenever I launch IE, it just shows the page cannot be displayed. I've entered the DNS servers correctly on the ST610s and should I plug my laptop directly to the ST610s, I could surf without problems (therefore, it can't be a virus problem). I'd like to add that I have no access to the 1814. Any ideas?

1 Solution
Renato Montenegro RusticiIT SpecialistCommented:
Ping isnt the best way to test DNS connectivity. Open a command prompt and type:


If there is a DNS configuration, NSLookup will connect to its primary DNS server. If not, you can issue the following command from DNS command line:

server IPAddressOfTheDNSServer

Then, it will try to connect to the DNS server.

If you have got a connection to DNS, try a search. Type some site name and see if its is resolved. For example:


If your DNS doesn't responds, you may have a firewall issue. Open port 53 on firewall and try again.

If all your DNS config and results are OK, type Exit to quit NSLOOKUP and try a Telnet to www.microsoft.com to see if port 80 is not blocked:

telnet www.microsoft.com 80

You should see a black screen. This means that its connected. Or just test a connection from the web browser. If you cannot connect, try checking your firewall.
Why are you using the cisco 1814?
You might need to enter the name servers on the cisco if this router assigns IPs via DHCP.

Take out the cisco 1814 and plug directly into the st610 and you will be surfing.

the cisco 1814 and the LAN side of the st610 are in IP conflict for IP 58.185.xx.193/28.  

Since you have established some new network attrributes, be sure and disable your software firewall (XP-SP2, ZoneAlarm, Norton, McAfee, etc).  BTW, in the interests of maintaining your sanity, you should never have more than 1 software firewall enabled.  In any case, if you are now able to surf, you were being blocked by your firewall.  If applicable, re-enable your firewall.


Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Tackle projects and never again get stuck behind a technical roadblock.
Join Now