http does NOT work. https DOES.

Hi there,

This is most bizarre and, from different logs I have available, it appears to have started after 0229 AEST 24 October 2008 (not sure if that is relevent).

The LAN has 3 x Windows 2003 Servers and the same is happening on all 3.

IE returns the above error immediately you try to access any http site, either by name or IP address. However, https sites are working.

In my attempts to solve the issue, I have done the following:

- Rebooted modem and router.
- Rebooted servers.
- Uninstalled a Windows Update dated 24 October 2008.
- Installed Firefox.
- Flushed the DNS cache.
- Hard-coded a different DNS server in the TCP/IP properties.
- Repaired the TCP/IP stack.
- Repaired Winsock.
- Connected one of the servers to a completely different LAN, via a different modem and router that is working perfectly for the 20 Win XP clients connected to it.
- Disabled RRAS.
- Confirmed Windows Firewall/ICS was not started. There is no other firewall on the servers.
- I can ping websites without issue, and it properly resolves the IP address of those sites.
- I can telnet to port 80 of those websites without issue.

Any and all hope very much appreciated.

Thanks n regs,
Bill.
Jims_Computer_ServicesAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

mrwalker15Commented:
Can you disable show friendly HTTP errors under the Advanced tab in Internet options?
Please post the error that you get after doing that.

Thanks.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Jims_Computer_ServicesAuthor Commented:
Hi and thanks for your prompt reply.

I have done as you have instructed (removed tick next to Show friendly HTTP errors) but it didn't change the error message. I have reproduced it in full for you below:

Regs,
Bill.

The page cannot be displayed
The page you are looking for is currently unavailable. The Web site might be experiencing technical difficulties, or you may need to adjust your browser settings.

--------------------------------------------------------------------------------

Please try the following:

Click the  Refresh button, or try again later.

If you typed the page address in the Address bar, make sure that it is spelled correctly.

To check your connection settings, click the Tools menu, and then click Internet Options. On the Connections tab, click Settings. The settings should match those provided by your local area network (LAN) administrator or Internet service provider (ISP).
See if your Internet connection settings are being detected. You can set Microsoft Windows to examine your network and automatically discover network connection settings (if your network administrator has enabled this setting).
Click the Tools menu, and then click Internet Options.
On the Connections tab, click LAN Settings.
Select Automatically detect settings, and then click OK.
Some sites require 128-bit connection security. Click the Help menu and then click About Internet Explorer to determine what strength security you have installed.
If you are trying to reach a secure site, make sure your Security settings can support it. Click the Tools menu, and then click Internet Options. On the Advanced tab, scroll to the Security section and check settings for SSL 2.0, SSL 3.0, TLS 1.0, PCT 1.0.
Click the  Back button to try another link.



Cannot find server or DNS Error
Internet Explorer  
0
LyonJayCommented:
Is there a possibility of a physical firewall blocking the http?

Can you access any websites from the IP address's? is DNS being blocked?
0
Protecting & Securing Your Critical Data

Considering 93 percent of companies file for bankruptcy within 12 months of a disaster that blocked access to their data for 10 days or more, planning for the worst is just smart business. Learn how Acronis Backup integrates security at every stage

firemanf29Commented:
Do you have a proxy server configured?
0
Jims_Computer_ServicesAuthor Commented:
Hi there,

There is no physical firewall except that provided by the router. I forgot to mention that in my testing, I temporarily and completely disabled that firewall and still got the same problem.

Anyway, in my testing, I connected one of the servers to a completely different LAN and still got the same issue. The other LAN is working fine for 20 Win XP Pro clients but didn't work for the server.

No, there is no Proxy server.

Stumped!!!

Bill.
0
mrwalker15Commented:
Are you running IIS on your web servers?
0
Jims_Computer_ServicesAuthor Commented:
Hi LyonJay,

DNS is working fine because I can ping websites and it resolves the IP address.

And, I can connect to https sites via name and ip address.

Just no http sites!

Regs,
Bill.
0
Jims_Computer_ServicesAuthor Commented:
Hi mrwalker15,

I am 85% sure there is no IIS on the server. The servers aren't really operating in a traditional domain. They are simply in a workgroup.

How do I tell for sure there is no IIS.

Regs,
Bill.
0
mrwalker15Commented:
Are those websites internal?
0
Jims_Computer_ServicesAuthor Commented:
Hi again,

No, there are no internal websites. We are talking about trying to get out to the www.

For example:
- https://dc-au.server-secure.com WORKS
- http://www.google.com.au DOESN'T WORK

Regs,
Bill.
0
mrwalker15Commented:
0
Jims_Computer_ServicesAuthor Commented:
Hi again,

I have downloaded the IIS Toolkit on a local PC and copied it to the server. I installed it and then ran WFetch with the default settings. Here is the output:

WWWConnect::Connect("localhost","80")

IP = "127.0.0.1:80"

source port: 4594


WWWConnect::Close("localhost","80")

closed source port: 4594


cannot send data, because connection is closed
0
sensored2008Commented:
if my guess is right, that sounds like a proxy is installled on the network that will only allow port to exit the network via 4594 or that you an anonymous internet surf installed on that machine which configured your lan settings to use proxy x on port 4594 and that software is currently off
0
Jims_Computer_ServicesAuthor Commented:
Hi sensored2008,

Mmmmm. Sounds feasible. But, where would I check for the existense of this proxy?

I've checked Internet Options > Connections > LAN Settings and there is no tick in any of the boxes.

I also know it's not the modem or the router because I can replicate the problem while connected to a completely different LAN using a different modem and router.

If your suspicion is correct, it means that all the servers on the affected LAN were hit at the same time - around 0300 on October 24, which makes me lean again toward a Microsoft Update. However, I've uninstalled all updates since 23 October.

Looking forward to your comments to the above.

Regs,
Bill.
0
sensored2008Commented:
Do u have  isa or any internet proxy  to manage internet on the  network?  If yes, check if you are getting any normal internet with that proxy ware  disabled  at  first from same  proxy machine and any other machine that you had  tested ealier.


if you got it working normal on all check the setting on the proxy, if not let me know which failed still.
0
Jims_Computer_ServicesAuthor Commented:
Hi again,

No, there is no ISA or internet proxy.

In the meantime, I have just connected a laptop to that network and it connects to the internet without issue.

The problem is confined to the 3 x Windows 2003 Servers.

Regs,
Bill.
0
sensored2008Commented:
well,
1. check if your  router has those servers  ip forwarded to that port when communicting  to port 80 or if have a gpo doing the  thing  
2. check if the software firewall enabled on those three servers and if they are configured to communicate to port 4594 or you have a gpo doing the  thing  
3. scan those machine for Threats(virus or trojans)
4. Check if host and network  files has been  edited by in anyway
5. check if there is any common software that might be act as  surf anonymous

awaiting your reply
0
mrwalker15Commented:
Can you run Wfetch to connect to an external address?

In the test above, you were trying to connect to the server itself but you dont have a webserver running so the test is not a good one.
0
Jims_Computer_ServicesAuthor Commented:
Hello mrwalker15, LyonJay and sensored2008,

Many thanks to everyone for your contributions.

In hindsight, it was probably relevent to mention the servers run AVG v8 and that I had already tried disabling it as well as disabling each of its components.

I have just completely uninstalled it and the problem is solved. I have since downloaded and installed the latest version and the the problem is still solved.

Grisoft have already responded to my support query with the following:
"
Please let us inform you that the issue was probably caused by one of our latest update. In order to fix the issue please check the following FAQ:

http://www.avg.com/faq.num-1561
"

Great! At least they admit to it!

I had already re-installed AVG before I got their response so, I didn't get a chance to test the fix described in their FAQ.

Anyway, simply for the huge amount of knowledge you three have bestowed upon me, I will divide the points evenly. I'd like to do more.

Many thanks,
Bill.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Programming Languages-Other

From novice to tech pro — start learning today.