HTTP Traffic in Vista Ultimate stops working - All other traffic fine

Hello,
I have 3 Windows Vista machines, an XP Pro box, and 3 Windows 2003 servers under VMware ESX. The Vista Ultimate machine I am using for my desktop will randomly have all HTTP traffic just fail. It's like it's being blocked by a firewall but it's so inconsistent that I can't narrow it down.

None of the other machines on the network have this issue and during this time IE, Chrome, and Firefox all have the same issue yet I can be RDP'd to other servers, FTP, do nslookups, and play games via Steam without any issues. I have run all kinds of tools to try and fix it. I had found that recycling the "Base Filtering Service" will help but not always.

I am going to lose my mind on this soon because rebooting makes it start working again and I am sick of rebooting. Sometimes I'll be surfing along and ONLY be using a browser and have it go out on me with no provocation. Please tell me if you have seen this and know what it is or if you need log files, event log entries, etc. Thanks for your help and time on this.

btw, I am marking this with 500 points because I have jacked with this and googled it for weeks with no luck.
2drews Asked:
 
cantoris Commented:
That's freaky.

Do you have any third-party networking-related software installed?
Any extra firewall or antivirus software?
If you look at the Network Interface properties, are there any unusual entries in there?
Is there an update for your network card driver?
When it goes wrong, can you telnet to port 80 of a webserver address (you'll have to install the Telnet Client Windows Feature)?
Is the machine fully patched with Microsoft Update?
Any clues in the Event Logs?

If this problem occurs frequently, have you tried disabling as much non-essential stuff from starting up on boot as possible using msconfig or Autoruns (http://live.sysinternals.com/tools/autoruns.exe)?  See if that makes the problem go away.
0
 
2drews (Author) Commented:
The only "extra" stuff I have that is in this category is the Cisco VPN client, System Mechanic 8, Advanced System Care, CCleaner, and I did have the software below on at one time but it has been since removed gracefully. VMware Server 2.0, Zone Alarms.

Another strange thing is the default NIC which was an onboard GB nforce adapter just lost its driver and will not take a new one. I had to install a 3Com NIC I had laying around. It does indeed have the latest drivers. I am familiar with telnetting to specific ports and I can tell you that I can't even get to the web management of my wireless access point or other things that use standard HTTP ports like my website that I host internally (on the same LAN). That helped me determine it was just my machine and only HTTP because I can FTP at any time, SSH, etc without any issue.

As for the event viewer, I haven't seen a single mention of anything related or noteworthy but I have to admit I check things before I reply and I just found something interesting. The following was logged right when I just lost connectivity and posted after a reboot.

Information      2/21/2009 1:33:23 PM      Service Control Manager Eventlog Provider      7036      None
The WinHTTP Web Proxy Auto-Discovery Service service entered the running state.

That looks RIGHT in line with the issue of when it kicked in. It's a manual start service which I just set to disabled. I wonder if that will help me. I could hypothesize that the service thinks it finds a proxy server and changes my settings dynamically to use it which is what causes the failure. I am going to keep an eye on this for a few days and if this is the reason then I'll give you the points for helping me look around again. :)

0
 
cantoris Commented:
WinHTTP WPAD - Well-spotted!
Rather than disable it just yet, leave it on manual and then next time browsing plays up, try this from a command prompt:
netsh winhttp show proxy
That will show if WPAD has set a proxy for some reason.
Mine currently shows:

Current WinHTTP proxy settings:
    Direct access (no proxy server).

If this doesn't help then I do wonder whether you've got something odd left over from either ZoneAlarm or VMware.
You could add the system environment variable
devmgr_show_nonpresent_devices = 1
and then select to view the hidden non-PnP devices in Device Manager and uninstall things that you can clearly identify as being to do with either of those products.

Is System Mechanic a registry cleaner?  I have no faith in their being safe at all...

Finally, your network card issues are worrying too.  I wonder why the onboard NIC has played up.  I might be considering (for the time being) removing the Cisco VPN software, reinstalling NForce Chipset drivers etc.
0

 
2drews (Author) Commented:
Hi Again,
Despite disabling this I found that I still lost connection tonight when I got home from work and was surfing and it went out. I checked the event log and noticed about every 25 minutes I am seeing messages regarding DHCP.

Information      2/23/2009 8:47:25 PM      Dhcp-Client      1103      None
Your computer was successfully assigned an address from the network, and it can now connect to other computers.


I also found this at the time it went out for a few minutes after even rebooting.

Information      2/23/2009 5:33:45 PM      WLAN-AutoConfig      4000      None
WLAN AutoConfig service has successfully started.

Information      2/23/2009 5:33:45 PM      Service Control Manager Eventlog Provider      7036      None
The WLAN AutoConfig service entered the running state.

Information      2/23/2009 5:33:45 PM      Service Control Manager Eventlog Provider      7036      None
The Wired AutoConfig service entered the running state.

Error      2/23/2009 5:33:44 PM      Service Control Manager Eventlog Provider      7000      None
The Microsoft IPv6 Protocol Driver service failed to start due to the following error:
The system cannot find the file specified.

It will work fine and then drop out but my connections other than HTTP stay fine. Is there anything else you can think of for me to check when it's happening? I couldn't get to the net to find your suggestions on checking the proxy and I was frustrated and should have done a better job at working on this. :(

Recycling the originally suspected service and base filtering provided no difference at all. My IP also has NOT changed in months through DHCP as I check it upon booting and after issues arise out of curiosity.

p.s. I have a Cisco Pix firewall but the other computers are fine. I don't think it matters but it was worth mentioning.
0
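The correlation 2drews does by eye in the post above (what was logged at the moment browsing dropped, and how regularly the Dhcp-Client entry recurs) can be scripted. This is an added example, not part of the original thread; the function names are hypothetical, the log text is a constructed sample, and it assumes the column layout of the entries pasted in the thread.

```python
import re
from datetime import datetime, timedelta

LEVELS = {"Information", "Warning", "Error", "Critical"}

# Constructed sample, laid out like the entries pasted in the thread:
# level, timestamp, source, event ID, task category, then the message line(s).
SAMPLE_LOG = """\
Information      2/23/2009 8:47:25 PM      Dhcp-Client      1103      None
Your computer was successfully assigned an address from the network, and it can now connect to other computers.
Information      2/23/2009 8:22:25 PM      Dhcp-Client      1103      None
Your computer was successfully assigned an address from the network, and it can now connect to other computers.
Information      2/23/2009 7:57:25 PM      Dhcp-Client      1103      None
Your computer was successfully assigned an address from the network, and it can now connect to other computers.
Information      2/23/2009 5:33:45 PM      Service Control Manager Eventlog Provider      7036      None
The WLAN AutoConfig service entered the running state.
Error      2/23/2009 5:33:44 PM      Service Control Manager Eventlog Provider      7000      None
The Microsoft IPv6 Protocol Driver service failed to start due to the following error:
The system cannot find the file specified.
"""

def parse_events(text):
    """Return events sorted oldest first; message lines attach to the header above them."""
    events = []
    for line in text.splitlines():
        fields = re.split(r"\t+|\s{2,}", line.strip())
        if len(fields) == 5 and fields[0] in LEVELS and fields[3].isdigit():
            when = datetime.strptime(fields[1], "%m/%d/%Y %I:%M:%S %p")
            events.append({"level": fields[0], "time": when, "source": fields[2],
                           "id": int(fields[3]), "message": ""})
        elif line.strip() and events:
            events[-1]["message"] = (events[-1]["message"] + " " + line.strip()).strip()
    return sorted(events, key=lambda e: e["time"])

def events_near(events, moment, minutes=2):
    """Events logged within +/- `minutes` of the moment connectivity was lost."""
    window = timedelta(minutes=minutes)
    return [e for e in events if abs(e["time"] - moment) <= window]

def recurrence_gaps(events, source, event_id):
    """Minutes between consecutive occurrences of one event, to check a suspected period."""
    times = [e["time"] for e in events if e["source"] == source and e["id"] == event_id]
    return [round((b - a).total_seconds() / 60, 1) for a, b in zip(times, times[1:])]

if __name__ == "__main__":
    evts = parse_events(SAMPLE_LOG)
    for e in events_near(evts, datetime(2009, 2, 23, 17, 33, 45)):
        print(e["time"], e["level"], e["id"], e["message"])
    print("DHCP 1103 gaps (min):", recurrence_gaps(evts, "Dhcp-Client", 1103))
```
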
 
cantoris Commented:
Do try the   netsh winhttp show proxy   when it next misbehaves.

With your having issues after boot, I'm wondering if the problem is between the Vista networking stack and your networking hardware.  Your problems remind me of weird issues I had with a Vista laptop on a Belkin wireless router (eg HTTPS not working on some sites).  I never did get it to behave (I'm sure the issue was router firmware) but there were various things I tried doing to the Vista networking stack that it might be worth your trying that can help such situations:

1. Reduce your MTU:
 - netsh interface ipv4 show subinterfaces
 - in there you'll see the current MTUs - note them down along with their interface names
 - change the MTU for the interface(s) you are using (ignore the weird loopback one) - specify the interface name:
   -  netsh interface ipv4 set subinterface mtu=1400 subinterface="local area connection" store=persistent

2. Disable receive window tuning:
 - netsh interface tcp show global
 - note down the current setting for "Receive Window Auto-Tuning Level" - probably "normal"
 - change the setting:
   - netsh interface tcp set global autotuninglevel=disabled

Reboot and see if it's made any difference.  If not, set them back.
If it works, you might want to experiment to see if you need one or the other or both of them.  If it's MTU, you'll probably want to play around with it to find what's optimal for your network, but that's another question!
0
 
2drews (Author) Commented:
Hello,
I am typing this from my work computer as I can RDP and copy paste into it just fine but I cannot get to the site directly as my Vista computer is continuing to be stubborn. I have done the things you suggested as pasted below and will reboot and let you know if that helps at all.

C:\Users\pdrew>netsh winhttp show proxy

Current WinHTTP proxy settings:

    Direct access (no proxy server).


C:\Users\pdrew>netsh interface tcp show global
Querying active state...

TCP Global Parameters
----------------------------------------------
Receive-Side Scaling State          : enabled
Chimney Offload State               : enabled
Receive Window Auto-Tuning Level    : normal
Add-On Congestion Control Provider  : none
ECN Capability                      : disabled
RFC 1323 Timestamps                 : disabled


C:\Users\pdrew>netsh interface tcp set global autotuninglevel=disabled
Ok.
0
 
2drews (Author) Commented:
This is so frustrating for sure. Last night I was working and under a time crunch via RDP to my work computer so I didn't bother rebooting and then HTTP started working again randomly.

I am fairly sure this has something to do with DHCP as it's the only log entries that keep coming up saying I can connect again to the network about every 25 minutes. I came down to my computer this morning and had a 169 auto-private ip address. Releasing and renew just locked up the computer and never finished. I had to hard power it off with the button on the tower.

I did that broadcast flag thing for DHCP mentioned in the link below.
http://support.microsoft.com/kb/928233

.... ok what I love about this site is that it forces me to double check myself. I had "DhcpConnForceBroadcastFlag" instead of "DhcpConnEnableBcastFlagToggle" and even then I didn't read it fully as I had it set to 1 instead of 0. I'll give this a try now.

p.s. Please don't think I am stupid. I'll just pretend to think I am overwhelmed with work and human. :)

0
 
cantoris Commented:
Interesting!  I think you might be on to something with that DHCP issue given you got an APIPA address earlier.  But I don't understand why it would go on to affect only HTTP traffic...
0
 
2drews (Author) Commented:
Well when that happens I lose ALL connectivity so it might be another issue that is poking its ugly head out. When the HTTP traffic stops working I still have my same 192.168.0.42 IP as always. I'll keep posting. Thanks for your continued interest and support on this.
0
 
2drews (Author) Commented:
I have another update. I got home from work last night (been working 14 hour days lately) and DNS isn't working but I can do anything as long as I have the IP which includes playing games on Steam or surfing sites on my local lan. (I have them in my hosts file)

Check out the results of a nslookup even after restarting the DNS Client service
C:\Users\pdrew>nslookup www.google.com
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.0.13

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
*** Request to UnKnown timed-out

Yet, that DNS server (192.168.0.13) is where I am RDP'd into to make this post and it's working like a champ and has no firewall on.

C:\Documents and Settings\Administrator.RED>nslookup www.google.com
Server:  localhost
Address:  127.0.0.1

Non-authoritative answer:
Name:    www.l.google.com
Addresses:  209.85.133.104, 209.85.133.147, 209.85.133.99
Aliases:  www.google.com


C:\Documents and Settings\Administrator.RED>ipconfig

Windows IP Configuration


Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   IP Address. . . . . . . . . . . . : 192.168.0.13
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1

Where it gets even nuttier is that I am able to run a 'telnet 192.168.0.13 53' as well as 'telnet red 53' and it will respond.

Something in general in my networking stack on this computer has to be jacked or something. Any chance you have any thoughts on this? I feel like I am chasing my tail which is how I have felt for weeks now with no real smoking gun and just lots of smoke. :)
0
 
cantoris Commented:
Check which interfaces your DNS Service is set to listen on to answer requests.

The only thing that's worrying me here is that you mention VMware ESX (which I've not used) - maybe it's all an issue to do with its handling of your guest PC's networking and we're going to be forever going round in circles doing things to the guest machines?

On a normal XP PC, you can reset various parts of the network stack with:
netsh interface ip reset log.txt
netsh winsock reset
(The syntax is slightly different on Vista.)

I've never tried this on a server to know whether it could have unexpected effects there...
0
 
2drews (Author) Commented:
Hello again,
Since the DNS issue I rebooted and nothing has come back up yet. VMware ESX is where my servers are parked but not my desktop. My desktop is 100% Vista Ultimate (32 bit). All the other computers on my network have any of the issues that I have been experiencing and to be sure I actually go around testing them to be sure of it. If this messes up in the next day or two I'll give resetting winsock a try.

..... ok as I was typing the above I lost HTTP again similar to how I reported it in the past. I reset winsock on the command line and restarted. I'll let you know if I find anything funky in the event log when I get home tonight. Thanks.
0
 
2drews (Author) Commented:
I am afraid I might have to just install again from scratch. I can't keep a connection to the internet to save my life on this computer. It's going between DNS problems, to DHCP issues, and back around to the HTTP issues with no rhyme or reason. I am losing my mind on this. :(

I was hoping that I could have found something by now but so far no smoking guns and just a wild goose chase. I was listening to pandora a second ago surfing and actually just READING a page that was already up and pandora stopped not being able to connect.

I did try and connect via Cisco VPN after loading the page so perhaps an uninstall of that will help. That is what I'll be trying next.
0
 
2drews (Author) Commented:
After thinking some more on this I realized that this only seems to happen when I am on the VPN to work or WAS on it previously. I uninstalled the Cisco VPN and have so far had no problems. I am going to let it continue to bake-in for a few days and see if it comes back or not.
0
 
2drews (Author) Commented:
Still working like a champ.....
0
 
cantoris Commented:
Sounds promising.  I'm glad you appear to have located the root cause!
0
 
2drews (Author) Commented:
I sure hope so. I was starting to lose my mind. I can just use my laptop for VPN even if it's less friendly I can deal without it much easier than the problems that I had with it. So far still so good.
0
 
2drews (Author) Commented:
While your comments didn't directly solve my issue you helped me eliminate things and find the appropriate resolution. This is why it was marked as a "B" and not an indication of effort. In the end the issue appears to have been the Cisco VPN client which once removed all my issues have been completely non-existent. Thanks for your continued help.
0
 
djkocsis Commented:
2drews, is it still working with VPN removed?  I'm having the same problem on my Vista PC.  I don't have VPN installed.  Just curious if it's still working for you.
0
 
2drews (Author) Commented:
it will still wigg out on occasion but i find opening a second browser such as chrome or firefox will get things moving again without the need to reboot. i never installed the cisco client again and things have been relatively quiet since its removal.
0
 
Paweld Commented:
Hi! I have recently come across the same problem. All of a sudden Vista won't display websites until the next reboot. Unfortunately none of the above helped in my case. It's weird because some websites (like this one) will run, some of them will only display some text elements but the vast majority are blank with 'Ready' displayed in the status bar (both IE8 and FF3).
I have checked all the above and there is no difference anywhere when the websites work and when they don't. Funny because my modem's page is not displayed properly - buttons are missing.
Another thing is that I can't ping my own IP address nor the DNS. I can ping everything else including my modem.
Please help...
0
 
burrcm Commented:
Paweld. You need to ask your own new question detailing your issue. This will not be seen by anyone other than those who responded to this question.

Chris B
0