Solved

windows 2008 VM server can't be pinged internally, but can ping gateway and get on the web

Posted on 2010-08-20
30
1,936 Views
Last Modified: 2013-11-06
Hi, I have a 2008 hyperv server.
I installed a 2008 VM server on top of it a few weeks ago, ran windows updates etc.
Just put a database on it. And discovered the local pc's cannot ping it or see it.
Yet i can get on the web. All gateway and DNs settings are correct.
Any idea's
0
Comment
Question by:total123
  • 15
  • 13
  • +1
30 Comments
 
LVL 6

Expert Comment

by:fluk3d
Comment Utility
Have you tried disabling the windows firewall? Any software firewalls running on that VM? is the subnet mask correct?
0
 

Author Comment

by:total123
Comment Utility
here's the net diag
net.txt
0
 
LVL 6

Expert Comment

by:fluk3d
Comment Utility
OK - netdiag isn't fully supported on a windows 2008 platform. Let's see.. your tcp settings look good, you've made sure there is no software eventing the connection INBOUND to the machine off the LAN.

Is there anything showing up in the event viewer network related?

The machines that you are pinging "sqlserver" with what is they're default gateway set to? hardware firewall? layer3 switch?

Are you able to check the log files of the gateway device, to ensure that unit is not preventing communication to your VM?

Does this problem happen on all VM's, or are you just running this one VM in your environment?
0
 
LVL 6

Expert Comment

by:fluk3d
Comment Utility
Also - can the host ping your guest?
0
 

Author Comment

by:total123
Comment Utility
Hi guys

right, the firewall was disabled straight away. so not that.
We have a simple setup. My gateway is a watchguard soho6
I only have one other VM server, which is an exchange server, which has been running fine for 9 months. I can ping it.

event veiwer :-

event id 1129 - the process of group policy failed - today at 11.45
The system failed to register host (A or AAAA) resource records for  network adapter
with settings:

   Adapter Name : {CAAF0763-7B2C-44C7-A2A8-46E84C330B90}
   Host Name : sqlserver
   Primary Domain Suffix : nwt.com
   DNS server list :
           192.168.1.105
   Sent update to server : <?>
   IP Address(es) :
     192.168.1.104

 Either the DNS server does not support the DNS dynamic update protocol  or the authoritative zone for the specified DNS domain name does not  accept dynamic updates.

 To register the DNS host (A or AAAA) resource records using the specific DNS domain name and IP addresses for this adapter, contact your DNS  server or network systems administrator.

event id 5719
This computer was not able to set up a secure session with a domain controller in domain NWT due to the following:
There are currently no logon servers available to service the logon request.
This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.  

ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.

event id 129
NtpClient was unable to set a domain peer to use as a time source because of discovery error. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: The entry is not found. (0x800706E1)

event id 1129
The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

this all happened on a reboot
0
 

Author Comment

by:total123
Comment Utility
i can ping the DC called swindon - 192.168.1.105
and access \\swindon
0
 
LVL 6

Expert Comment

by:fluk3d
Comment Utility
Thanks for the info. What type of NIC are you running on your guest VM, if you are not running the legacy NIC please try using that.


- Open the Hyper-V management console, turn off the Virtual Machine. Right Click and Choose Settings
- Locate the Network Adapter and Remove the current attached NIC.
- Click Add Hardware>Add a legacy Network Adapter. Then configure the legacy Network Adapter bind to the Physical NIC.
- Turn on the Virtual Machine and see if the issue still exists.
0
 
LVL 6

Expert Comment

by:fluk3d
Comment Utility
Is this a HP server by any chance?
0
 

Author Comment

by:total123
Comment Utility
its a dell t710
0
 

Author Comment

by:total123
Comment Utility
i removed the nic, add legacy nic. setup the IP on the new nic on the VM.
I've even changed the main IP address.
Still can't ping the server
0
 
LVL 6

Expert Comment

by:fluk3d
Comment Utility
OK - is the MAC address of the host & guest unique? ipconfig /all does anything show in your watchguard device?

Are you running DHCP on your network? If so please change to DHCP on the server, and see if the machine grabs an IP from your DHCP server. If that fails can you please try grabbing a packet capture and posting it back

Try running a packet capture from your watchguard device, and also locally from another machine on the LAN and your server.

Not sure if your firewall has that function I'm sure it does however you can use WireShark or Network Monitor on your server to record the capture.
0
 

Author Comment

by:total123
Comment Utility
that maybe where i'm going wrong, i have 2 devices running off of one card and haven't given them separate mac address's. I'll try that first
0
 
LVL 6

Expert Comment

by:fluk3d
Comment Utility
Your firewall may see that as a IPS/IDS attack
0
 

Author Comment

by:total123
Comment Utility
that didn't work, i'll try the rest
0
 

Author Comment

by:total123
Comment Utility
i have 4 nic's in the dell, so decided to plug nic 3 in and give it to the VM, still didn't work.
I've given it a mac address, that doesn;t work, deleted the virtual network card again and gave it the normal network adapter.

set it to dhcp and 192.168.1.104, both cannot be pinged, it does get a dhcp address

can you recommend a capture program
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 6

Expert Comment

by:fluk3d
Comment Utility
Wireshark is a very good capture program, however if you want you can also try Network Monitor made by microsoft.

http://www.wireshark.org/
http://www.microsoft.com/downloads/details.aspx?FamilyID=983b941d-06cb-4658-b7f6-3088333d062f&displaylang=en
0
 
LVL 6

Expert Comment

by:fluk3d
Comment Utility
You can also try booting off a live CD (WinPE) within your VM and see if you are able to communicate to the LAN this should also isolate the problem if it's software related, or hardware related but, getting a packet capture would be ideal to determine if there are errors on the packets, or if the packet is or isn't leaving the machine.
0
 
LVL 13

Expert Comment

by:cshepfam
Comment Utility
On your Primary DNS Server, check the entries to make sure the A (host) record for the new VM was created including a PTR record as well.

If no entry is in there, then manually create it.

Afterwards, do an ipconfig /flushdns and a ipconfig /registerdns on the DNS server.

Then see if the local pcs can ping it.  
0
 

Author Comment

by:total123
Comment Utility
wireshark capture from vm server - sqlserver

remote will follow


srv
0
 

Author Comment

by:total123
Comment Utility
i've tried the dns approach. this has made no difference
0
 
LVL 6

Expert Comment

by:fluk3d
Comment Utility
Just heading to a clients site will look at the capture when I get back
0
 

Author Comment

by:total123
Comment Utility
no problem, i can't get the remote capture to work. i put in the ip address and it doesn't like it, also tried the MS username and password for our admin account. is there a set port number i should be using ?
0
 
LVL 6

Expert Comment

by:fluk3d
Comment Utility
Use the full context domain\user or install it locally
0
 

Author Comment

by:total123
Comment Utility
wireshark is installed on the server and pc locally, the domain\user approach doesn't work
0
 
LVL 15

Expert Comment

by:msmamji
Comment Utility
Have you made sure the your firewall is off for all profiles?
Control Panel -> Administrative tools -> Windows Firewall with Advance Security
0
 

Author Comment

by:total123
Comment Utility
i turned the firewall off as a service, shouldn't this do the job
0
 
LVL 6

Expert Comment

by:fluk3d
Comment Utility
Ok run a ping to the server from the workstation and upload the capture
0
 

Author Comment

by:total123
Comment Utility
problem solved, the network descovery was never enabled under network and sharing.
can't believe that was so stupid,
many thanks for yuor help guys
0
 
LVL 6

Accepted Solution

by:
fluk3d earned 500 total points
Comment Utility
I'm glad you solved the problem
0
 

Author Closing Comment

by:total123
Comment Utility
i ended up solving it by enabling the file sharing on the server
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Introduction Windows 2012 is here - it is upon us, and I hope that like me, you will upgrade your Hyper-V to the new version which has been promised to be a lot more stable, flexible and powerful than its predecessor in Windows 2008 R2.  Setting up…
Every once-in-a-while, when you try to add a XenServer host to the System Center Virtual Machine Manager console, it will generate a certificate error, and the XenServer host will not be added to Virtual Machine Manager: If you are experiencing t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now