Solved

Question Revisited

Posted on 2006-06-21
23
263 Views
Last Modified: 2010-04-18
Hello Friends,

I am still having a battle with my sister company's DSL ISP  about cutting off their Internet access between the hours of 8:00 pm and 6:00 am.  I have totally reset the router back to the default settings and still getting cut off.  I talked with the ISP today and they say, once again, it is a setting in active directory that is causing the problem.  For the life of me, I can't find a policy or setting that says to disconnect the service at those particular times.  I know that I can restrict times that users logon through active directory but not restrict total internet access for everyone in the company.  I asked the ISP if they could tell me where the setting is in active directory and they couldn't (surprise! surprise).  My question is does anyone know of a setting in Windows 2003 Server active directory that could be doing this?  Thanks for the help!!
0
Comment
Question by:huntersp3
  • 8
  • 8
  • 3
  • +3
23 Comments
 
LVL 13

Expert Comment

by:2hype
ID: 16954781
In Active Directory or Group Policy there is not a setting that will block internet access at certin times.

Do you have ISA Server.  If you do are there any Internet Time Restrictions Set.
Do you have some other software on your Firewall that can prevent Internet Access at Certian times.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 16955000
What about on a router. Many routers have rules allowing you to block or allow traffic between specific times. If you are not sure where to locate, provide make and model we can be more specific.
0
 
LVL 7

Expert Comment

by:CharliePete00
ID: 16955005
There is nothing in the out of the box AD schema (2000 or 2003) to allow denying Internet access without disconnecting a computer from the network entirely.  When this happens are the affected machines still able to communicate with other devices on the local network?  If so AD is not the cause of the problem.  

Have you tried turning on logging on your router; maybe logging to a syslog server or something similar?  Proper logging on your router will be able tell you if the problem is on the ISP side.  Also, does the router show as connected on the outside (Internet) interface during those times?

Are they running a firewall, proxy server, ISA server, or some other type of Internet gateway?  Your problem is most likely whith a policy on one of these.  See if you can connect a computer directly to the Internet during those hours.  
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 16955016
Sorry missed "totally reset the router back to the default settings " when I posted a minute ago.
--Rob
0
 

Author Comment

by:huntersp3
ID: 16955138
Hi Folks:

They are not running a ISA server and no firewall is installed on the server.  They have a very simple setup. They have only one server running Windows 2003 SBS and Netopia Cayman 3346 DSL Router.  In additon, presently, I have the firewall on the router disabled. The only thing I haven't done is to be on property at the times the cut off occurs.  I might have to go on site at that time and see what is happening from the inside out.  I am running two other larger networks but don't have the problems like with this smaller network.  
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 16955309
It is possible to script blocking access even as simple as a scheduled event to change a gateway address. Is this a system you set up or might someone have done some "tweaking" before you.
0
 
LVL 7

Expert Comment

by:CharliePete00
ID: 16955323
Is the outside interface of the router pingable from the outside?  If so a simple ping should tell you if their connection to the ISP is still up during those hours.

Also, SBS 2003 Premium Edition comes with ISA 2004.  You might try logging into the SBS machine to see if it's installed.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 16955484
You might also want to check the NIC properties for the Power Management stuff.  Uncheck anything that says the OS will shut down the interface to conserver power.

0
 
LVL 7

Expert Comment

by:CharliePete00
ID: 16955729
You can tell if ISA server is installed by seeing if "%programfiles%\isa server" folder is present on the SBS 2003 machine or by going to
start > all programs > isa server
0
 
LVL 29

Expert Comment

by:mass2612
ID: 16956095
I think the suggestions above are pretty good. I mainly want a record of this issue. I'd be trying to ping the external IP of the DSL router when its down (if ping is not blocked) or when it is showing as down I would disconnect it from your backbone switch and connect a single PC, reboot the router and see if you can get out on the link.
0
 

Author Comment

by:huntersp3
ID: 16956640
Ok Folks,

The service went down at 8:00 p.m. and I ran a tracert to my public ip address and here are the results.   Maybe, I should not post who the provider is but here it is anyway.  I took out my public ip address for security reasons--but it looks like that the service is being discontinued by Bell South?  Where the requested time out is should be my public IP Address.  I can't telnet to the address either.


 1   173 ms   171 ms   163 ms  nas30.houston4.tx.us.da.qwest.net [63.152.13.109]
  2   167 ms   162 ms   157 ms  63.152.31.253
  3   186 ms   165 ms   165 ms  iah-edge-01.inet.qwest.net [63.152.125.29]
  4   192 ms   154 ms   165 ms  iah-core-02.inet.qwest.net [205.171.31.45]
  5   164 ms   162 ms   166 ms  dal-core-01.inet.qwest.net [67.14.2.2]
  6   162 ms   168 ms   164 ms  dap-brdr-01.inet.qwest.net [205.171.225.49]
  7   222 ms   162 ms   157 ms  so-1-2-0.edge1.Dallas1.Level3.net [209.245.240.1
65]
  8   164 ms   168 ms   166 ms  so-1-2-0.bbr2.Dallas1.Level3.net [209.244.15.165
]
  9   170 ms   170 ms   166 ms  ae-21-52.car1.Dallas1.Level3.net [4.68.122.45]
 10   183 ms   178 ms   177 ms  67.72.4.2
 11     *      187 ms     *     axr00msy-0-0-0.bellsouth.net [65.83.236.33]
 12   212 ms   200 ms   208 ms  65.83.237.107
 13   231 ms   229 ms   227 ms  205.152.133.66
 14   216 ms   219 ms   219 ms  host-205-152-229-57.bgk.bellsouth.net [205.152.2
29.57]
 15   224 ms   221 ms   220 ms  68.208.248.14
 16   230 ms   232 ms   227 ms  adsl-157-111-160.owb.bellsouth.net [70.157.111.1
60]
 17     *        *        *     Request timed out.
 18     *        *        *     Request timed out.
 19     *        *        *     Request timed out.
 20     *        *     ^C
C:\>
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 77

Expert Comment

by:Rob Williams
ID: 16956664
Is allowing of ICMP requests enabled on the router/modem? i.e. can you get a response, and telnet through the day?  Very odd the ISP would drop you at a given time.
0
 

Author Comment

by:huntersp3
ID: 16956744
Yes, I can telnet. ping, and remote in during the day.  In the morning the service will come back up at 6 am.  To answer past questions, they are not running an ISA server.  They are running SBS with Service pack 1 on the server
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 16956871
I would be pushing Bellsouth for a solution then. You have definite evidense.......assuming the building doesn't have a power management system that disables multiple circuits at specific times??? We had one building where 60% of the circuits in the building switched off at 10:00pm as part of a power saving program It was supposed to be just lights but somebody got carried away with the design. Have you confirmed the modem and router are still powered up a that time?
0
 

Author Comment

by:huntersp3
ID: 16958782
Hello Folks,

The network is up and running at 6:00 a.m. and I did a trace route and here are the results.  I took that last hop out (No. 16) because it is my public IP address.


  1   169 ms   167 ms   158 ms  nas29.houston4.tx.us.da.qwest.net [63.152.13.108
]
  2   361 ms   908 ms   395 ms  63.152.31.126
  3   215 ms   164 ms   159 ms  iah-edge-08.inet.qwest.net [63.152.125.33]
  4   158 ms   163 ms   193 ms  iah-core-02.inet.qwest.net [205.171.31.25]
  5   209 ms   170 ms   204 ms  dal-core-01.inet.qwest.net [67.14.2.2]
  6   939 ms   904 ms  1311 ms  dap-brdr-01.inet.qwest.net [205.171.225.49]
  7   169 ms   168 ms   160 ms  so-1-2-0.edge1.Dallas1.Level3.net [209.245.240.1
65]
  8   163 ms   166 ms   160 ms  so-1-2-0.bbr2.Dallas1.Level3.net [209.244.15.165
]
  9  1959 ms   746 ms   200 ms  ae-21-54.car1.Dallas1.Level3.net [4.68.122.109]

 10   204 ms   211 ms   182 ms  67.72.4.2
 11  1969 ms   413 ms   188 ms  axr00msy-0-0-0.bellsouth.net [65.83.236.33]
 12   204 ms   202 ms   202 ms  65.83.237.155
 13  1838 ms   830 ms   232 ms  205.152.133.66
 14   223 ms   217 ms   223 ms  host-205-152-229-57.bgk.bellsouth.net [205.152.2
29.57]
 15  1731 ms   777 ms   228 ms  68.208.248.14
 Trace complete.

0
 
LVL 51

Expert Comment

by:Netman66
ID: 16958809
I think Rob might be on to something.

I would check to make sure that the circuits used to power up the modem and router are not shut off by accident each night.  You could use a UPS to see whether you get any more usage before the batteries drain down.

0
 

Author Comment

by:huntersp3
ID: 16959209
Hello Folks,

I have spoken with the electrician that takes care of the building and he says there is no power management program in the building.  I will call Bell South again and see if I can speak with a supervisor about the issue and get past the help desk.  Other than that, I think the next step is to be there at night and see what is going on.

0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 16959271
Agreed, if Bell South doesn't offer any information, I'd be there, check if it stays powered up and you can verify where the connection is lost.
0
 

Author Comment

by:huntersp3
ID: 16964091
Hello All,

A Bell South Technician came and made an inspection of the line and said all looked good and he said that they do not have the ability to deny DSL access to customers based on certain time periods.  So, I am back to square one.  I have emailed Netopia about the issue and hopefully they will respond to question of "is there a set command in the router where I can specify times to turn of the service?".   If there is, it is not apparently visable through the show command. The next step is to be on site when the service goes down and observe what is going on.
0
 

Author Comment

by:huntersp3
ID: 16968521
Hello Everyone,

Does anyone know of a command that is in the Cayman Model 3346 (Version 7.1.1 Bulid r2) that could be blocking internet services at particular commands?  I have been through the manual and I can't find one.

Thanks
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 16968558
>>"at particular commands"
commands or times ?
I went through the manual yesterday page by page, and I couldn't find anything either. Some of their units do have that feature, and they seem to offer it as a software parental control option. Check the unit itself as well though, as they could add it with firmware updates.
0
 

Author Comment

by:huntersp3
ID: 16983851
Hello Folks,

Issue is solved.  As I suspected, It was a Bell South issue,  I went on site at 9:00 p.m. on Friday and found the Data Sync light flashing.  Signed on to the router and the status showed waiting on DSL.  I called Bell South and the line technician found that the line was out of sync.  I appreciate all the comments and help this forum provides.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 16984451
Thanks huntersp3. Glad to hear you were able to resolve.
Could they explain why it was happening during a specific time period?
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now