Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1959
  • Last Modified:

.net website not opening in my environment

Dear all,

I have a problem in my company environment, that is any website that is having .net extension is not opening. (www.speedtest.net) or something like this.
my environment is : Ms exchange server 2003 sp2 on ms windows server 2003 sp2.
isa server 2004 on ms windows 2003 server sp1.
and i am attaching my isa server policies screen shot also... Please check  order of policies are correct or not, and give some recommendations also for tuning.


isa-server-policies.JPG
0
nivasnet
Asked:
nivasnet
  • 16
  • 14
1 Solution
 
Raj-GTSystems EngineerCommented:
I don't see anything wrong with your ISA configuration. I am assuming what you meant was that you are unable to access domains with .net TDL. If that's the case, your problem is actually the DNS server and not ISA. Give me some more information on your DNS setup, I'll see what I can do.
0
 
nivasnetAuthor Commented:
hi,

Unable to access meaning here i am getting that page skelton only (please see the attachment speedtest.net webpage). It is happening only for domains having .net tdl.

i have two dns servers.
on the dns servers which information you require.
Please help me,


speedtest.net-webpage.JPG
0
 
Raj-GTSystems EngineerCommented:
That screen shot looks like your browser is loading the page without the stylesheets. The problem might not be the DNS after-all, can you try accessing the site using a different browser (firefox) and also from a different PC?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
nivasnetAuthor Commented:
i tried in firefox also.. (see the attachment).and It is not happening only for my pc. All p.cs in my company having same problem.

speedtest.net-webpage1.JPG
0
 
nivasnetAuthor Commented:
As you thought earlier my dns servers having some problem, for finding this which information you require. i will give.

0
 
Raj-GTSystems EngineerCommented:
Open a command prompt on the DNS server and run dnscmd /enumzones and copy the output here
0
 
nivasnetAuthor Commented:
i am attaching dns server output.

dns-output.JPG
0
 
nivasnetAuthor Commented:
i have two dns servers, both servers response is same like above.
0
 
Raj-GTSystems EngineerCommented:
You don't have the resource kit installed so dnscmd will not work. Never mind, can you post screenshots for the below
a) expand your forward lookup zones in DNS MMC
b) output of ipconfig /all from a client PC
c) output of nslookup speedtest.net from a client PC
0
 
nivasnetAuthor Commented:
0
 
Raj-GTSystems EngineerCommented:
Your DNS setup is a little messy.

1. You have a local dns zone for .net with a single record alezelom, you need to remove this .net zone and create a new zone for alezzelom.net with an empty host record pointing to 10.0.0.105
2. The domain clients are using an external servers as their primary and secondary DNS, I am surprised your users aren't complaining about long log-on times. Change that and only use the local servers 10.0.0.2 and 10.0.0.4 for DNS resolution. You can use forwards or root hints in your local DNS servers to allow them to browse the internet.

3. nslookup is fine

Now, I will also need an ipconfig /all from your ISA server so we can nail this once and for all.
0
 
nivasnetAuthor Commented:
hi,

There is no pc or server having ip address 10.0.0.105. Why it is used 10.0.0.105.
Why our users used external dns servers as thier primary and secondary dns, because  if they are using local servers they are not able to browse some websites, i mean 'page not displayed error" is coming. to avoid this they are using external dns servers.
 
isa-server-ipconfig-output.JPG
0
 
Raj-GTSystems EngineerCommented:
1. Delete the .net zone from your DNS server
2. Remove ISP DNS from users' machines
3. Remove any forwarders you have in your DNS Server (right click servername and properties > forwarders tab) and setup your ISPs IPs as forwarders there
4. Edit ISA external interface and remove DNS server entries from the external interface

That should do it.
0
 
nivasnetAuthor Commented:
hi,

i have two dns servers, do i need to delete .net zone both places....
i am getting one messge while deleting net zone. (see the attachment)
how to find forwarders in my dns server.
After removing dns servers in external interface on isa server also 'obtaining dns servers addresses automatically is not enabling"  Is it ok ?



while-dns-.net-deleting-message.JPG
after-removing-dns-servers-in-is.JPG
0
 
Raj-GTSystems EngineerCommented:
You can ignore the error and delete it, it will be deleted from both DNS servers.
You will find the forwarders if you right-click the server name in the DNS MMC and select Properties.
The ISA will use the internal NIC for DNS resolution, so you can leave the external empty.
0
 
nivasnetAuthor Commented:
do i need to wait some time ? because
i followed exactly....
but problem still same....
0
 
Raj-GTSystems EngineerCommented:
Yes, it will take some time, depending on your configuration. You can speed things up by clearing the cache in your DNS servers (right click server name - Clear cache) and either restarting or running ipconfig /flushdns on the ISA and the client PCs.
0
 
nivasnetAuthor Commented:
I clered cache, and i tried today also.... problem not resolved...

what we can do ? other than DNS, Is there any other reason for this ?
0
 
Raj-GTSystems EngineerCommented:
Can you give me the nslookup www.speedtest.net and ipconfig /all outputs from the ISA server and a client pc again please.
0
 
nivasnetAuthor Commented:
0
 
Raj-GTSystems EngineerCommented:
The configurations look alright, did you restart the ISA server and clear cache on both DNS servers?
0
 
nivasnetAuthor Commented:
s, i did but same problem
0
 
Raj-GTSystems EngineerCommented:
Can you try using some other .net site.
0
 
nivasnetAuthor Commented:
i tried lot, maximum not opening....

0
 
Raj-GTSystems EngineerCommented:
Can you monitor and copy the logs from ISA Server for one of the .net sites please? I would also like to see a new screenshot of a .net site loaded va IE as well.
0
 
nivasnetAuthor Commented:
ok
i am attaching one isa server screenshot.
In the dashboard i found not configured as (AD,DHCP,DNS,OTHERS)
Is that reason ?
if so how to configure ?

0
 
nivasnetAuthor Commented:
sorry i didn't attach above

isa-dashboard.JPG
0
 
Raj-GTSystems EngineerCommented:
No, that's not a problem. Are you able to browse these sites from your ISA Server? I don't think ISA can selectively diable stylesheets to certain TLDs in this manner. It might be that your AV or something else running on the PC intercepting the HTTP traffic. Can you try disabling your AV/anti-spyware and try again?
0
 
nivasnetAuthor Commented:
I am not able to browse these websites even from my isa server also., for testing purpose i completely removed my AV, i tried problem still same.
0
 
Raj-GTSystems EngineerCommented:
Casn you supply the ISA Logging output for a .net site browsing session from the client?
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 16
  • 14
Tackle projects and never again get stuck behind a technical roadblock.
Join Now