?
Solved

Can't ping or run tracert to certain domains/ip addresses - Destination Host Unreachable.

Posted on 2008-06-11
7
Medium Priority
?
1,060 Views
Last Modified: 2012-05-05
I recently noticed that I am unable to ping (or run tracert) to certain domains/ip addys from our server. Most importantly, I can reach the licenseupdate server for trendmicro - which is how I realized we had a problem.

Example:
no problems ping/tracert to the following domains
google.com
espn.com

for the following domains, I am able to resolve the ip address, but the ping comes back and says Destination Host Unreachable.
If I run a tracert, I get the Destination Host Unreachable. as well
licenseupdate.trendmicro.com
vortechhosting.com

We are using a Linksys RV042 Router.
I can ping ANY/ALL sites/addys from the Router with no problems (in the diagnostic section)

Server ipconfig/all
Windows IP Configuration

   Host Name . . . . . . . . . . . . : SERVER
   Primary Dns Suffix  . . . . . . . : iscg.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : iscg.local

Ethernet adapter Server Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
   Physical Address. . . . . . . . . : 00-15-C5-F6-C4-8A
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.10.10
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.10.1
   DNS Servers . . . . . . . . . . . : 192.168.10.10
   Primary WINS Server . . . . . . . : 192.168.10.10

Route Print from server:
IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 15 c5 f6 c4 8a ...... Broadcom NetXtreme Gigabit Ethernet
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.10.1    192.168.10.10      1
        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1
     192.168.10.0    255.255.255.0    192.168.10.10    192.168.10.10     20
    192.168.10.10  255.255.255.255        127.0.0.1        127.0.0.1     20
   192.168.10.255  255.255.255.255    192.168.10.10    192.168.10.10     20
        224.0.0.0        240.0.0.0    192.168.10.10    192.168.10.10     20
  255.255.255.255  255.255.255.255    192.168.10.10    192.168.10.10      1
Default Gateway:      192.168.10.1
===========================================================================
Persistent Routes:
  None

0
Comment
Question by:rheide
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 3

Expert Comment

by:patrickfromsc
ID: 21762319
Your server its own DNS, which is precisely how you want it setup as an AD controller.  You also want to go into the DNS server properties and configure it to use forwards, and ideally input your ISP's DNS servers in order of lowest latency, according to ping results.  Then stop and start the DNS Server service, and verify that you can once again resolve DNS queries.

I have had routers act strange from time to time and block DNS (port 53) traffic, so cycle power on the router if the above doesn't resolve it.

Regards,
PfSC
0
 

Author Comment

by:rheide
ID: 21765397
I have confirmed our ISP's DNS servers are set as the forwards and also confirmed the ip address of the server is NOT in there. Although everything was correct, I stopped/restarted DNS - no change.

Next (I just did this since I had to wait until everyone was off) - I restarted the router - still no luck.

Please keep in mind...
This is a Windows Small Business Server 2003
I CAN ping these sites from the router (in the diagnostic section).
I CAN ping these sites from other computers on the network.
From the server, I CAN ping pretty much every site I try except for a few random sites (basically 99.999% of the sites/ips ping just fine)

Any other ideas would be greatly appreciated.

-R
0
 

Author Comment

by:rheide
ID: 21766256
I haven't solved the problem but I've got some additional information.

After doing some research, I realized I get the "destination host uncreachable" error when I attempt to connect to ANY ip that starts with 216.x.x.x

Hopefully this will help someone point me in the right direction. Thanks.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 3

Accepted Solution

by:
patrickfromsc earned 2000 total points
ID: 21766268
It's obvious that this problem is isolated to your SBS server.  Your next step is to reset the IP stack, which is fairly painless.  From a command prompt, type "netsh int ip reset c:\reset.log" and hit enter.  Here is a MS article on the basic procedure as well:
http://support.microsoft.com/kb/317518

This command will run with no apparent action (though the log file is populated), and only takes a second.  You'll need to reboot the server and retest.  Let us know your results.
0
 
LVL 3

Expert Comment

by:patrickfromsc
ID: 21766307
Is ISA installed on the SBS?  If it were, but no PCs were using it as their proxy, and the Local Address Table (LAT) was wrong (i.e. 216.x.x.x was configured as local), then it could cause this.  A stretch though.
0
 

Author Comment

by:rheide
ID: 21766316
Hello. No ISA is not installed.
After reading your last post about the IP stack reset, I read the article you provided by MS. Since I am remoted in, it sounds like it is something I need to do while standing in front of the server. Once I have a chance to do this, I will let you know how it goes. Hopefully in the next 48 hours.
Thanks!!
0
 

Author Comment

by:rheide
ID: 21766388
Well, I got it figured out. Its embarrasing to admit, but its something I did months ago.
We were having problems with hackers attempting to login to our SBS, so I created multiple IP bans using IP Security. As you can guess, one of the bans was for 216.x.x.x   Ooops.

patrickfromsc - thank you for taking the time to help - after your suggestion, it got me thinking what the reset would do and somehow I remembered what I had done in the past. SO, considering your solution would have fixed it - I am awarding the points to you!!

Thanks again!
0

Featured Post

Enroll in August's Course of the Month

August's CompTIA IT Fundamentals course includes 19 hours of basic computer principle modules and prepares you for the certification exam. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question