We help IT Professionals succeed at work.

Workstations cannot ping server

emlsysadmin used Ask the Experts™
I restarted my server (running windows server 2003 SP2) yesterday after completing windows update; now when i try to connect to the server from any workstation it doesnt connect.  I can ping the workstations from server(ADC), but i could neither ping nor use any of the server resources from workstations.  Thinking that windows update might have blocked some services, i have uninstalled all the windows updates that are been installed for the last 2 months....
Checked IP Address & Subnet Mask
Server - /
Client IP - 192.168.1.XX /
DHCP - disabled
Netbios over TCP/IP - enabled
Windows Firewall - Disabled
Trend Micro Officescan installed; have also tried stopping all the services of officescan but result negative.  No other antivirus software installed.
When Server is in Safe mode, workstations can able to connect server(with all services) normally.

Kindly advise with the suitable solution
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

I would uninstall officescan, not just stopping the services, and see if that helps....I would lean more toward it than windows updates causing this issue. LOL though I have seen windows update take out servers before.


This server is acting as Trend Micro Officescan Server in which around 100 users are connected.  Server was not having any problem until it was restarted yesterday, this problem occured after the restart only.  Appreciate if an alternate solution is provided without uninstalling Officescan.  Please advice.

can you ping by name from the workstations to the server?


While pinging by name also, its appearing Request time out
Check the following:
IPSec services, they often cause issues.
How are you disabling antivirus. ( Disable the sevices after disabling the actual program)
Do a trace route to server  IP from the PCs.
Sometimes the ICMP packets can be blocked by windows firewall.
Also go to services, arrange them by startup type and see which ones of the automatic type have not been started..
But IPSec may be the worst culprit.

Run nslookup from the command prompt and see if your server name is resolving to the correct IP


Disabling Antirivus Procedure - first i unloaded Antivirus by rightclicking on the taskbar and click unload officescan; After unloading most of the officescan services are stopped, the remaining services related to Trend Micro which was running, were manually stopped.
Tracert to server from workstation is giving 'request time out'
windows firewall is totally disabled, i tried even enabling windows firewall and enable ICMP Ping but negative result
All the services of automatic type are running in the server
Pls let me know in detail, what to be checked with regard to IPSec
NSLOOKUP is pointing to the PDC & ADC correctly

Try running ipconfig /flushdns then run ipconfig /registerdns on both client and server and see if get connectivity/pingability
A stupid question but what is Default gateway and DNS on PCs.
If default gatway is you router can you ping from the router to PCs?
Have you checked your DNS server details on server
also do nbtstat -R


1. when given nbstat -r getting the below
NetBIOS Names Resolution and Registration Statistics

Resolved By Broadcast     = 2
Resolved By Name Server   = 0

Registered By Broadcast   = 6
Registered By Name Server = 0

NetBIOS Names Resolved By Broadcast
       DXBDOM22       <1E>
2. also tried  ipconfig /flushdns but no luck

3. default gateway and dns are the same for both server and workstations
4. pinging from router to ADC is not possible. All other workstations are pingable.

If you plug a laptop into the same switch that your AD controller is on can you ping it then?
If not then it is most likely a service on the server.
If you can ping the ADC then you have a routing issue


have tried the following as solutions:

1. already laptop connected directly to the same switch and tested (negative result)
2. after booting in safe mode with network support, tried to ping from other systems and we are able to reach the ADC without any problem(suspect there can be a existing service issue which blocks the other workstations or servers to reach the ADC - negative result- if possible pls provide us steps to narrow down the services)
3. tried all possible troubleshooting steps on TCP/IP connectivity as one of the options(negative result)

click start run type msconfig
click hide all microsoft services
I would uncheck everything here that is absolutley non-essential reboot and see what you get


sorry forgot to mention this, msconfig non-essential startup services were already disabled and tried. no luck

what are the other essential services that you are allowing to run?
Is is possible to disable them on at a time and see which one is causing the issue?
also in services.msc are there any automatic startup services that have failed?


no other automatic startup services failed. have tried stopping almost all major services manually eg. trend micro officescan(all services), windows firewall-disabled, GFI faxmaker services

You need to edit your services list so that it contains only these items:
Computer Browser
DHCP Client
DNS Client
Event Log
Logical Disk Manager
Plug and Play
Remote Procedure Call (RPC)
TCP/IP NetBIOS Helper Service
Windows Management Instrumentation

After disabling everything except these services reboot and start adding your essential services until the problem presents itself, if the problem does not present itself start adding the remaining windows services that you previously disabled until the problem presents it self


have tried isolating the required services as suggested but no luck. have restarted the server twice after stopping the major services. No change in the status of network. still the same problem persists. Any other suggestion?
Alan HardistyCo-Owner
Top Expert 2011

Set the IPSEC Services Service to disabled and restart the server and all should be fine.  Seen this numerous times and this fixes it simply.


ipsec service has already been disabled and tried. still no luck.
Alan HardistyCo-Owner
Top Expert 2011

The trouble now is that you have done so much troubleshooting and modifying that you could have easily knocked something else out.
Please reinstall all the available Windows Updates and then see where that leaves you.

Sorry to inform you that It's still Windows Firewall. I have seen it a thousand times.

Not only does it block ICMP, it also blocks File and print sharing. So, if you tried to ping by computername, you are blocked because of the blocks on Netbios.

If you enabled RRAS, at all on the server, Windows firewall is enabled regardless if the service says it is DISABLED and NOT RUNNING.

Enable windows firewall, Allow it to work with ICMP AND>>>File and print sharing. Now, if you have a multihomed computer, this too could cause problem. Please tell us how many adapters you have on the server and how they are configured.

By the way, Sindows Firewall is a system state firewall. This means if the client pings the server, it can't communicate or get a reply. However, if the server pings the client, a reply is made. The term system state simply means if the communication is made by the server, it will continue with the communication. However, if the attempt to communicate with the server is made from a client, the communication is blocked.

Sorry, for triple posts: But another system state firewall prevented the same things you are seeing on your server:

It appeares that Cisco VPN client installed also has a system state firewall within it, when enabled:

Problem is resolved now.
I tried again disabling all services except the windows required services, still the problem existed.
Then started uninstalling other applications installed in the server one by one.  Finally when uninstalling Wingate (Application was not running and services were also stopped disabled earlier), clients started pinging the server.
Thank you very much for the entire support team for the instant & valuable services