• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 232
  • Last Modified:

Unable to ping 2003SBS but can still access it ok

We have a 2003sbs that is unable to be pinged from any other server except itself.
All clients can access the server via IP or name resolution, but nobody can ping the server via IP or name.
Event Viewer seems ok, there are no additional firewall programs, or ISA.

Has anybody any ideas what i can check next?
0
total123
Asked:
total123
  • 19
  • 13
  • 2
  • +1
2 Solutions
 
Chris DentPowerShell DeveloperCommented:

If you run the command below does it give you a lovely blank screen at the command prompt (replace sbsserver with the server name or IP)?

telnet sbsserver 389

Or does it give you a time-out message?

If it's a blank screen then connectivity is fine and I would have to suspect that something is blocking ICMP traffic (used by Ping). That could be either on the clients or on the server, the Windows Firewall is the obvious first candidate for the client-side.

Chris
0
 
total123Author Commented:
from the server i get a white box appearing with 0: telnet 192.168.1.x 389 within the cmd box?

0
 
total123Author Commented:
i have just been looking through the event viewer logs again, and some days ago stumbled upon the event id- 4521 in DNS, saying that the "DNS server encountered 32 errors whilst attempting to load the zone from Active Directory"
There appear to be numerous events with the sam eerror. Not sure how i missed that the first time around.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
jar3817Commented:
"there are no additional firewall programs"

What about the built-in firewall in server 2003, is that enabled? If so, you can add an exception for ICMP traffic (pings)
0
 
Chris DentPowerShell DeveloperCommented:

The errors won't be relevant to Ping. Especially not if "nslookup servername" gives you the IP, and pinging by IP also fails.

Could you run the command from the command prompt on one of the network clients that's failing to ping?

Chris
0
 
total123Author Commented:
on client pc, times out with the error "could not open connection to the host on port 389. COnnection failed"
0
 
total123Author Commented:
the server Windows Firewall is disabled, as is my client that i am testing it with.
0
 
jar3817Commented:
Do you have a speed or duplex mismatch perhaps between the switch and the server?
0
 
total123Author Commented:
we have 2 servers that connect to a Gigabit switch that piggy backs on to a 24 port 3com switch
0
 
Chris DentPowerShell DeveloperCommented:

Speed / Duplex mis-match would push the connection down to the lowest common denominator, but it shouldn't stop ICMP.

I still think something is blocking the traffic, especially if the "telnet" command I gave you works (which tests a connection using TCP).

It's not likely, but what about AV software? It would be the first time I've seen it block Ping, but it's not beyond the realms of possibility.

Chris
0
 
total123Author Commented:
i have disabled (for testing) the AV- Symantec Antivirus for Business.
0
 
Chris DentPowerShell DeveloperCommented:

I'd go further and suggest you uninstall it entirely for testing. AV rarely completely disables all its components, especially not those that plug into the network.

I take it using Telnet worked and you got a connection to the server?

Chris
0
 
total123Author Commented:
from client Telnet timed out, from server it did not time out, but oddly did not produce teh usual screen, Just sat there
0
 
Chris DentPowerShell DeveloperCommented:

Sitting there is exactly what I expect it to do :)

When you said this:

> All clients can access the server via IP or name resolution

What can they access?

Chris
0
 
total123Author Commented:
they can access emails, data, browse the shared folders, basically the system/network seems to be working without any probs, bit slow perhaps but nothing out of the ordinary.
0
 
Chris DentPowerShell DeveloperCommented:

Then it has to be something on the network level actively blocking access rather than anything else.

Has it ever allowed you to ping?

Chris
0
 
total123Author Commented:
I assume so, know that is a bit vague, but we have only just taking this customer on as a client.

I have run Wireshark on my clinet pc and on the server, so will go through that tonight, and report back
0
 
Chris DentPowerShell DeveloperCommented:

Okay, cool. It is a bit odd, I'll certainly give you that :) But if everything else works then it has to be a block rather than a malfunction.

Chris
0
 
total123Author Commented:
glad i can provide "interesting" problems!

could do with it being sorted soon, as we have a 2008 server that is going in as soon as this problem is solved.

Many thanks for your help so far.
0
 
ChiefITCommented:
Multiple nics on either of the computers you are pinging from or to?
0
 
total123Author Commented:
No, there are no multiple nics.

The wireshark report from both the server and teh client highlighted the fact that ICMP communication was unreachable, type 3 port unreachable.
i can upload the report if it would be useful?
0
 
Chris DentPowerShell DeveloperCommented:

Presumably you saw the outbound ICMP request from the client? Did that turn up at the server?

Chris
0
 
total123Author Commented:
on the server it acknowledges the fact that the client pc is sending a ping request but there are no replies to the client.

0
 
Chris DentPowerShell DeveloperCommented:

Okay, interesting, so something on the server is preventing the reply. At least that rules out  the clients from being the problem.

Can the server ping itself? Or does that fail as well?

Chris
0
 
total123Author Commented:
pings itself via IP or name fine.
All clients are unabel to ping the server eitehr way
0
 
Chris DentPowerShell DeveloperCommented:

Can you check the IP Filtering under TCP/IP Properties, Options, TCP/IP Filtering?

I'd be surprised to see it set, but something must be somewhere.

Chris
0
 
total123Author Commented:
Everything is disabled under TCP/IP Filtering (no tick)
0
 
Chris DentPowerShell DeveloperCommented:

Hmmm it can't be basic IP configuration if everything else (file shares, DNS, etc, etc) works. Which leaves me convinced it's being blocked somewhere. I'm sure that's quite annoying :)

What else is installed on the DC?

Chris
0
 
ChiefITCommented:
Windows firewall has a exception on it to allow ICMP echo requests. I know you travelled down this road. But, I have seen where Windows firewall was turned off, and if you go into services, you can find it running, or it is still running in the background. The firewall is flaky that way.

Go to Windows security>>Windows firewall>>advanced tab>>ICMP traffic>>and check mark Allow ICMP echo requests
0
 
total123Author Commented:
ChiefIt I will check that when i return to site.
Chris- its SBS so Exchange, Symantec BackupExec, Symantec Endpoint Protection, Symantec SMSME, Terminal Services, nothing else. And yes, it is annoying for no other reason that until its sorted we cant deploy our 2008SBS
0
 
Chris DentPowerShell DeveloperCommented:

Hmm interestingly enough there are a few others with the same problems and Endpoint Protection.

Can you try to disable Network Threat Protection? That's the firewall component of Endpoint Protection it seems.

If it works with that disabled it should just be a case of assigning reasonable policies for that. I can't be more specific I'm afraid, using McAfee here which doesn't have this feature :)

Chris
0
 
total123Author Commented:
i am going to remove the entire AV install from the server and see what happens, will advise when customer has completed the reboot.
0
 
total123Author Commented:
i have now removed AV product and disabled, the Symantec MAil Security for Microsoft Exchange, but has made no difference.
0
 
Chris DentPowerShell DeveloperCommented:

Has it removed all of it? It installs a network driver component with that lot, I wonder if there's any of it left.

Chris
0
 
total123Author Commented:
can not find any traces of it within the services.msc, and no background processes connected with Symantec are running.
0
 
total123Author Commented:
Problem was solved by Microsoft, who identified that Symantec Network driver was still installed under Device Manager, System Devices.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 19
  • 13
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now