Windows network half functional

I've an odd one. I have a windows 2003 server machine that is configured for a LAN (10.1.134.?/24). From the machine, I can interact with the network (internet browsing, pinging, etc), but I can't contact it from another machine on the LAN. The windows firewall is not enabled (by default).

I used nmap to scan open ports on the machine and nmap just sits and spins. The switch infrastructure knows the system exists (arp tables are populated).

It's behaving as if the system will not respond to anything it didn't initiate.

I've switched network cables, network interfaces (there are two interfaces on the system), ports on the switch it's connected to, connected to a different switch. I've connected it and another system to a dumb, isolated switch and that doesn't work.

I've also set it up to use DHCP. It successfully receives configuration information from the DHCP server, but behaves the same as static settings.

I'm not even sure where to start looking (aside from the network configuration which appears to be fine).

Any pointers would be appreciated.

Thanks,

John  88{Q
tcengineerAsked:
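An added example, not part of the original thread: a small TCP probe, run from a second machine, that separates the "nmap just sits and spins" symptom (no reply at all) from a port that is merely closed (the IP stack answers with a reset). The function names, the port numbers and the sample results are assumptions made for illustration.

```python
import errno
import socket


def probe_tcp(host, port, timeout=2.0):
    """Classify one TCP port as seen from this machine."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"            # SYN/ACK came back: a service answered
    except ConnectionRefusedError:
        return "closed"          # RST came back: stack is alive, no listener
    except socket.timeout:
        return "filtered"        # nothing came back: packet silently dropped
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"  # no route or no ARP answer for the target
        raise
    finally:
        s.close()


def diagnose(results):
    """Summarise a {port: state} mapping produced by probe_tcp()."""
    states = set(results.values())
    if "open" in states or "closed" in states:
        # Any reply, even a reset, proves the target's IP stack answers
        # traffic it did not initiate.
        return "stack-replies"
    if states == {"filtered"}:
        # Every probe vanished: inbound packets are being discarded before
        # the stack can reply (packet filter, IPsec policy, filter driver).
        return "silent-drop"
    return "no-path"


def scan(host, ports, timeout=2.0):
    """Probe several ports and return the per-port states."""
    return {p: probe_tcp(host, p, timeout) for p in ports}


if __name__ == "__main__":
    # Constructed sample matching the symptom described in the question.
    sample = {135: "filtered", 139: "filtered", 445: "filtered"}
    print(diagnose(sample))
```

A "silent-drop" result while the target can still reach other hosts points at filtering on the target itself rather than at cabling or switching.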
 
MikeGGGCommented:
Please do the following:
- download the Knoppix Live CD from www.knoppix.com
- connect your target computer to a network where it will be able to obtain a DHCP IP
- Boot your target computer from this CD
- check if your network card is recognized
- check if you got the IP configuration
- check the connectivity

If you are successful, we should agree that you have some kind of firewall on your server, maybe some rootkit, I am out of ideas - your computer is not visible from here :)
0
 
MikeGGGCommented:
I would start ON BOTH MACHINES with:
- checking if both machines are in the same subnet
- routing table?
- clearing ARP table?
- HOSTS file?


0
 
tcengineerAuthor Commented:
I've cleared the arp tables on the systems and the pertinent switches. I've verified the routes are correct on each machine. Each host file only has "localhost at 127.0.0.1".

I've tried the "other" machine on the same subnet and a different subnet.
0

 
tcengineerAuthor Commented:
Another data point:

I booted the target system into safe mode with networking and it still behaves the same way.

I also have the target system and another laptop connected together via cross-over cable, just to get the network infrastructure out of the mix.
0
 
MikeGGGCommented:
So, just to clear things up.
Let's say your computer is A, Target system is B
A can communicate with B but B cannot?
Can B communicate with other networked components?
Already tried to boot B from some Linux/WinPE CD?
0
 
tcengineerAuthor Commented:
I refer to the "target" system as the one that can communicate with other systems on the LAN and the internet, but no system can communicate with the "target" system.

I have not tried booting from a linux CD.

I've run wireshark on the target system, and I can see broadcast traffic but no other.
0
 
MariusSunchaserCommented:
Hi there.

From your brief description, this is definitely a firewall problem.
Follow these steps:
1. Boot from a live CD.
If the problem persists, then it is not because of the computer. You should check your network firewalls.
2. If the problem is solved, then it is something with the computer. Check for other software installed on the computer with firewall capability (usually antivirus - I had a computer that had comodo installed, and even after uninstall some parts of comodo continued to block ports).
0
 
tcengineerAuthor Commented:
The reason I booted in safe mode with networking was to try and eliminate the possibility of a firewall being the culprit. The behavior still exists when in safe mode with networking.

By "Live CD", are you referring to a linux boot CD?

Currently, the system is isolated from the infrastructure and is connected directly to another system via cross-over cable. It has minimal network configuration (e.g. 169.254.?.?/16), Microsoft's default network configuration when link is sensed but no DHCP server is present.
0
 
MikeGGGCommented:
Please check if you have any IP Security Policy applied on your server
0
 
MikeGGGCommented:
sorry, the link is here
0
 
MikeGGGCommented:
>>By "Live CD", are you referring to a linux boot CD?
you can boot from any "Live" CD, for example, Knoppix, or from BartPE,
Most important - your network card should be known for this version of boot CD so I would recommend latest version of Knoppix
0
 
MariusSunchaserCommented:
Any Live CD you have there. I am using Knoppix.

Ahm, you will not be able to communicate with a crossover with 169.254.* IP. If you want to test with crossover, set manual IP with 192.168.1.1 and .2, for example.
0
 
tcengineerAuthor Commented:
MikeGGG: I'll look into the IPSEC configuration and let you know.

Marius: I currently have the problem system (win2k3) and a vista laptop connected to each other via a crossover cable. I have the NICs configured to get their IP settings automatically.

The server's settings:
IP Address: 169.254.41.152
Netmask: 255.255.0.0

The laptop's settings:
IP Address: 169.254.175.21
Netmask: 255.255.0.0

The server can ping the laptop, but the laptop can not ping the server.

I'm running the server in safe mode with networking.
0
 
tcengineerAuthor Commented:
MikeGGG:
I checked the IP Policy settings and they are identical to another win2k3 server I have on the network that DOES NOT behave the same way as the trouble server.

In fact none of the rules are "assigned".
0
 
MikeGGGCommented:
The only idea I see now is to disable your existing network card, install another one and check from OSI Level 1 to Level 7 :)
0
 
tcengineerAuthor Commented:
Yike! Nothing is ever easy.

I think I'll try deleting the NICs and reinstalling the drivers, to see if that will help.

I'll let you know....

John  88{Q
0
 
MariusSunchaserCommented:
tcengineer: 169.254.* is not a valid IP.

Why do you configure 2 computers to get IP through DHCP if there is no DHCP server available?
As I said, if you connect them via cross-over, set them a static IP in the same network!
Please update.
0
 
tcengineerAuthor Commented:
I set static IP addresses in the 192.168 range and retested, with the same behavior.

I also updated to the latest drivers for the NIC and retested with the same results.

I will be away from the computer today but will pick it up again tomorrow.

John  88{Q
0
 
tcengineerAuthor Commented:
MikeGGG: I'm out of town but will be able to try your suggestions next week when I get back. I've resigned to try your suggestions and if they don't work, I'll rebuild the system.

I'll make a note of what I end up doing.

Thanks for your patience!

John  88{Q
0
Question has a verified solution.
