Strange network issue - users cannot connect to websites, or they take long to load.

Posted on 2009-05-20
Last Modified: 2012-05-07
Hello there.  We are having some strange issues regarding connecting to websites from within our network.  And users connecting to our network using Logmein are also having problems, slow loading pages, or disconnects.  

ADSL - 8mb/512
Windows 2000 Server + MS Exchange.
Firewall handles the NAT.
100mb switch

Basically it either takes about x4 times as long to connect to a webpage - eg. the loading bar at the bottom of the page goes very slow.  Or the page times out, or we get disconnected (in the case when we try to use logmein)

Now the reason why I think this is strange, is that it only happens to certain pages - hotmail loads fine, quick.  Google loads fine, browsing seems fine.  I have run speed tests, they are fine.  I have called our ISP, they have done circut check, tested the lines, they seem fine.  I have run malware scans  on all PCs - checked that we have no one downloading or uploading big files.

I'm going to add wireshark to our server today.  The only thing I can think of is to reinstall all NIC;s on affected PCs.

Oh, and another thing - which may or may not be direct at this particular problem.  My boss suddenly cannot connect via Terminal Services from his home PC, nor logmein.  Again, this could be a problem locally to him, but he says everthing else is working fine.  Still, this might be another question.

Another option for me to try is to do a 24 hour line check and other diagnostics.  Are there any other applications that can help me see if its our network connection causing these slow-downs/disconnects, or its the actual sites themselves.   BTW: I have ping'ed, tracert to all listed sites,  all came back fine.    

Anyhoo - got any ideas of this one.  I'm getting calls every minute about people not being able to connect.  

Question by:SpencerKarnovski
  • 5
  • 3
LVL 17

Accepted Solution

ccomley earned 500 total points
ID: 24429688
Does your ISP run a proxy/cache? If so, can you choose not to use it?

Are *you* running a proxy/cache of any sort? Does the slowness persist if users go direct rather than through the proxy?

I very much doubt you have a problem with all your NICs.

You might have a problem with ONE of them causing excess traffic on teh LAN - try unplugging each w/s in turn and see if the rest suddenly get fast when you unplug a particular one. (Don't forget printers and anything else with a lan connection). Similarly, it may be a dodgy switch or a dodgy switch port.

I'm suspicious that it only affects certain sites, that's very odd. Is it *always* the same sites that are and are not affected?

Can you bring up the router status screen? See if it's dropping/reconnecting at any time it should not? see how much traffic it's passing when you think it should be quiet.


Author Comment

ID: 24429831
Hello ccomley

We are not connected to a proxy through our ISP, and nothing has changed in this regard as far as I'm aware.  However, I do on occasion get a proxy login box appear, but as expressed.  I really do not know where this is coming from.   Something for me to investigate!

This problem has only started over the page 36 hours though, and nothing from our normal setup has changed.  As for a dodgy switch port, could well be.  But, not all users are suffering from the slow connections/disconnects.  

It does seem that most sites that are unreachable are secure sites that have the user logging in.  Like connecting to online bank accounts, logmein etc..

I have been keeping an eye on the router status page, we have not be intermittently disconnecting.

Ok,  so to recap.  Areas for me to investigate are;

Poxy Server
Switch ports

Can you add to this list, thanks.
LVL 17

Expert Comment

ID: 24429866
ah - sites to which you "log in" are genreally "secure" (HTTPS) sites using SSL. The most significant point here is that they run on port 443 instead of port 80.

Could something be intefering with port 443 access?

I have to say, it smells badly of a misconfigured proxy, in this particular case, it's handling port 80 traffic most of the time but going badly wrong when a site "goes secure" and switches you to port 443.

And if you get occsional screens from a proxy server, that's even more suspicion that your traffic is going via a proxy somewhere. If you dont' have a proxy server configured in the browser setup, taht would suggest to me that the ISP has implemented a "transparent proxy" and is catchign and routing your web traffic through it without your knowledge.

If nothing at your end has changed I have to suspect something new at the ISP end...
Save the day with this special offer from ATEN!

Save 30% on the CV211 using promo code EXPERTS30 now through April 30th. The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.


Author Comment

ID: 24429930
Hey cc

I'm going to give my ISP a call now,  just to confirm if they are directing us through a proxy.  I just got another call from a user.

She uses a delivery service called interlink express, on this page she has to enter a load of data, then preses print - and then a lable is printed on her portable label printer.  

Now, strange thing is, she enters the data - then presses print.  After that suddenly the page jumps back to an empty data sheet.  This does this about 7/10.  It seems that browsing is ok, its just when my users have to enter some information, then click a button - thats when the browser slows down.

LVL 17

Expert Comment

ID: 24429990
I have to say, these are all classic signs of mis-behaving proxy server.  Works fine on "plain" pages, anything that goes secure, anuthing that has form-fill or returns data to the server, starts to be more difficult for the proxy to do properly...

Author Comment

ID: 24430810
Hi - I have called my ISP, and there are no proxy servers on our broadband line.

However, I just looked into the server logs and got this error.

"The virtual memory needed to run the exchange server is fragmented in such a way that normal operation is beginning to fail - we need to restart the exchange services".

So I then checked the Disk Management tool, and our drives are heavy de fragmented.  I did defrag a while ago, but it must have got cancelled.  Could a heavly fragmented HD cause the slowdowns previsously discussed?

Will be running a defrag tonight..

Another issue stated in the server event viewer.  

"Scope is 100% full with onlyl 0 IP addresses remaining".  

Also, just spoke to my boss and he said at 17:30 (leaving time for most staff) that the problems (connecting via logmein + TC) went away.  So this would indicate network congestion is a possible cause.  however, no workstation is download/uploading anything - i have run scans.

Again, could this be due to the load on a heavily fragmented server?


Author Comment

ID: 24637568
Well, turns out all these issue was caused by a highly defragmented hard drive on the server.  I had been running degrag, but always running this from an RD connection, so when I closed the RD window it stopped the defrag - even though there is a message saying the opposite.

However, I have also deframented the drive locally, and windows did not do a great job.  I installed disk keep pro and it fixed all the above issues.  It also speeded up the server,  and now my boss can connect via TC without getting disconnected.

Author Closing Comment

ID: 31583406
Good information was posted.

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question