Solved

Some computers on my network can't access www.careerbuilder.com website and others can.

Posted on 2009-07-08
29
1,844 Views
Last Modified: 2013-12-08
I have a strange issue. Some of the computers on my network can't access the Career Builder web site and others can (www.careerbuilder.com). All of the client computers are receiving their DHCP information from the same DHCP server so they have all of the same I/P and DNS settings.
Now to make it more complicated, my computer is one of the computers that "cannot" access the website. But if I plug into my Verizon Aircard then I can access the web site. I have also tried while on my network manually entering the DNS server to be used as the public DNS server 4.2.2.2 and still I can't access their website.
So it is not an issue with my computer since I can access the site when using my Verizon Aircard, it is not an issue with the network as most computers can access the site while on the network and it is not a DNS misconfiguration because I still can't access the website using public DNS.
This is the only website that we have found that we have this issue with???

I'm at a loss...
0
Comment
Question by:premillard
  • 14
  • 7
  • 4
  • +2
29 Comments
 
LVL 5

Expert Comment

by:tdukie13
ID: 24806901
Hi,
Have you tried an "ipconfig /flushdns" from a command line on the affected machines? Could have some stale information...

Best,
T
0
 
LVL 2

Author Comment

by:premillard
ID: 24807056
Yes, I've tried that.
0
 
LVL 5

Expert Comment

by:tdukie13
ID: 24807255
What about a ping of www.careerbuilder.com?
0
 
LVL 2

Author Comment

by:premillard
ID: 24807291
I have run ping tests and they are resolving the IP correctly.
I have run Trace Routes and the route is the same on both computers one that can and one that can't access the site.
0
 
LVL 2

Author Comment

by:premillard
ID: 24807313
I hit submit to quickly.
I meant to add that i have even tried putting the IP into IE instead of the URL to verify weather it was a DNS issue or not and it still cannot connect using the IP address.
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24807373
have you tried nslookup to careerbuilder.com?

if you can ping the name to an ip, can you vistis the site on bad machines via the ip address?

are you sure the browsers on the bad machine aren't configured to use a proxy connection

can you telnet to the careerbuilder.com on oprt 80 from the bad machines and do a banner grab?

telnet careerbuilder.com 80

on the bad machine

and write any thing and a couple of enter's

Jfer
0
 
LVL 5

Expert Comment

by:tdukie13
ID: 24807380
Are you using a proxy or secondary gateway?
0
 
LVL 2

Author Comment

by:premillard
ID: 24807724
Here is the results to the nslookup from a bad machine. It looks fine.

Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

U:\>nslookup careerbuilder.com
Server:  servad.agmotion.com
Address:  172.16.0.12

Non-authoritative answer:
Name:    careerbuilder.com
Addresses:  208.88.80.22
          208.82.5.22
          208.82.7.22
I cannot visit the site using the IP address from a bad machine.

I can telnet to careerbuilder.com but I don't receive anything back. Should I be seeing their banner returned to me?

Also, we are not using proxy and I have verified to make sure that IE wasn't accidentaly set to Proxy.
0
 
LVL 6

Expert Comment

by:ahmad2121
ID: 24807778
careerbuilder website tries to figure out where you are, so it needs certain information about where you are coming from, usually provided by the webbrowser. It's possible that if this information is blocked, it wouldn't go through.

Now why it works on a different network card, that could be explained by having different network zones configured through your firewall.

Disable all and any firewalls, then try to access the site. Also if you are using strong privacy filters in your webbrowser, try disabling them.
0
 
LVL 2

Author Comment

by:premillard
ID: 24808342
I tried disabling all of the Network Cards other than the one I am connected to, still nothing.
I do not have the firewall turned on because we have a network firewall that all the machines sit behind which obviously isn't blockinng the rest of the computers from getting through.
I also tried disabling all non Microsoft services in the MSConfig to make sure it wasn't a software conflict.

When you say try dissabling privacy filters what could those be and how would I disable them?
I am running IE 7.0.6001 on Windows Vista.

Thanks,
0
 
LVL 6

Expert Comment

by:ahmad2121
ID: 24808448
Sometimes certain toolbars/plugins disable certain header information from being sent to the website.

But that wouldn't make sense if on the same computer you can connect through a different network and you don't have any specific firewalls.

this is what I would do:

1. clear all cache and cookies to make sure this is not the culprit.
2. get Paros http://www.parosproxy.org/index.shtml or wireshark and compare requests/responses from the working and non-working machines.
3. Reset all TCP/IP settings (easiest way is to uninstall nic driver then reinstall)
4. disable TCP/IP v6
5. change your mac address

if none of the above works then I have no idea what would.
0
 
LVL 2

Author Comment

by:premillard
ID: 24808540
Thank you, I have to head out to my son's baseball game.
I will try this in the morning and let you know.
Much appreciated!!
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24808935
Hi

when you connect to telnet

do you get a blank screen?

that means it can establish the connection

try i different browser like firefox

that way we can rule problems out

Jfer

0
 
LVL 2

Author Comment

by:premillard
ID: 24809930
I do get a blank screen like it is connecting. I will try and download Firefox and try that out. Great suggestion.
Thanks,
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 2

Author Comment

by:premillard
ID: 24813857
I'm stumped...
I downloaded Firefox and it doesn't work from the bad computers either.
0
 
LVL 5

Expert Comment

by:tdukie13
ID: 24813943
Put a static A record in DNS, not ideal but may do the trick.

Best,
T
0
 
LVL 2

Author Comment

by:premillard
ID: 24814077
I had already tried entering it into my host file and that still didn't work. Same end result as entering a static A record in DNS.
It is resolving the DNS but just doesn't open up the web page.
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24819495
Ok,

put http://208.82.5.22

this is the ip for CB i found after nslookup

Are you the admin of the net by any chance?

Are the machines that are bad in same subnet?

Can you assign static ip to machine, with DNS of your Dns server?

I believe this can be a Layer Three Issue, since you mentioned u cannot visit by ip

Move the machine outside of company firewalls if possible, to the closest device to the ISP


Jfer
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24819500
I think maybe someone doesnt want u getting a new job!!
0
 
LVL 2

Author Comment

by:premillard
ID: 24823669
No doubt!! It's actually our CEO who is trying

I am the Domain Admin. I tried using the static IP for CB. I also tried giving the computer a static IP and even tried using public DNS 4.2.2.2.
0
 

Expert Comment

by:YourPCMedic2
ID: 24823729
Is everything on the network going through the same router/security appliance? Take a tower/laptop that is not working, and move it to a station that IS working. hook it up there and see if it makes a differnece. If it does, then it could be a hardware firewall issue.
0
 

Expert Comment

by:YourPCMedic2
ID: 24823776
"I'm stumped...
I downloaded Firefox and it doesn't work from the bad computers either."

  Why would you have expected it to? We have allready established that it is not a browser issue, because you can connect while using your aircard. It has to be something on the network end as the problem goes away when you bypass your network. I wish people would stop perpetuating this myth that firefox is somehow better than I.E. It just isn't true. Cut it out.
0
 
LVL 9

Accepted Solution

by:
jfer0x01 earned 500 total points
ID: 24823961
Try to move devices beyond firewall, closets to ISP,

Jfer
0
 
LVL 2

Author Comment

by:premillard
ID: 24825011
Well, I went ahead and kept moving closer to the ISP. Makes sense but the only reason I didn't before was because we are all on the same subnet and we all connect through the same security appliance, a cisco PIX 515E. As it turns out once I put my computer (a bad one) on the other side of the PIX I was able to pull up the site.
Why would the PIX cause issues with only some of the comuters connecting to the side? Should be all or none??
So should I get Cisco on the phone and see what they have to say? Seems like my only option.
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24826599
Nope,

just make sure the to view what effective policies the pix is pushing onto the subnet group

i figured that the bad ones where in the same subnet,

in any case check the logs on the Pix, as you load the site, post the failure or block reason

Jfer
0
 
LVL 2

Author Comment

by:premillard
ID: 24826668
Again, all computers are on the same subnet. All policies affect all computers.
I will see if I can get a log from the PIX.
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24891140
any progress?
0
 
LVL 2

Author Comment

by:premillard
ID: 24897636
Sorry I was on vacation for 3 days.
Here is what I am getting from the PIX whenever I try and access the web site. Note: the 172.16.0.77 IP address is my computer's IP address.

305006: regular translation creation failed for udp src inside:172.16.0.77/55039 dst DMZ:10.10.1.101/161

It seems odd that it shows anything to do with the DMZ port because it's not even being used??
0
 
LVL 2

Author Comment

by:premillard
ID: 25192262
OK, well it took quite a bit of work and it even stumped the techs at Cisco.
They have been taking and analyzing all kinds of monitoring reports and were able to verify that the packets were just being dropped by the firewall for no reason. Finally we upgraded the PIX firmware version to 6.3.5 and it magically started working. All they can figure is that there is a bug in the code.
Upgrading the firmware version fixed the issue.
Thank you jfer0x01 for your help. Your suggestion of moving the bad machine closer to the ISP at least helped me verify that the issue was in fact caused by the firewall.
How should I work this as far as points? Even though your answer didn't solve the problem it helped me find the device that was the issue and I would like to give you points for that but I'm not sure what the protocol is in a case like this?
Please advise,
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now