Link to home
Start Free TrialLog in
Avatar of Elemental12
Elemental12

asked on

System error 53 has occurred. The network path was not found.

I have a problem when net using between a windows 2008 and a windows 2003 machine.  Whenever the windows 2008 machines tries to netuse to the windows 2003 machine, it gets :

System error 53 has occurred.  The network path was not found.

The 2003 cannot netuse to the 2008 machine either.  These two machines can ping each other by name and IP.  They are in separate vlans, and have a checkpoint firewall as their default gateway and router between vlans.  No local firewall on either server.

I have checked both machines and made sure that Enable Netbios over tcp/ip is enabled.  File and Print sharing is on on teh windows 2008 machine.  File and Printer sharing for Microsoft networks is on on both machines.

One thing that worries me is that the 2003 machine (when I do a net view) shows me lots of servers.  When I do a net view on the 2008 machine, it only shows itself in the list.

Any ideas ?
Avatar of Darius Ghassem
Darius Ghassem
Flag of United States of America image

Are you using Symantec Endpoint by Chance?

Avatar of Elemental12
Elemental12

ASKER

Nope, no symantec.  Trend Micro (actually, this is all about not being able to install trend micro.  it would not install, so tech support told me to net use, and when I could not net use, they said fix that first, then we can keep working on the install issue, if any exists, at that point).
Go to Run \\servername
I get message :

Windows cannot access \\servername

Check the spelling of the name.  Otherwise, there might be a problem with your network.  To try to identify and resolve network problems, click diagnose.

(Yes I did replace servername with the actual server's name).
First of all go to your win 2008 server and enable computer browser service from services console.
That'll show you a list of all the machines.
Also run "netsh advf set allp state off" on your 2008 machine to disable the local firewall using command prompt.
Go to NIC properties>>Configure>>Advanced.
Disable all offloading options and Receive side scaling if you see it.
Server 2008 uses SMB2. The negotiation is different. Might be something that's broadcasted that's not getting through the router or FW. I'd check the FW/Router logs, or fire up wireshark.
Try \\IPaddress
On the CheckPoint GW please run this command from command line:

fw ctl zdebug +drop >drop.txt

Reproduce the issue twice

ctrl-l

Now you have two ways to look at the txt file. You can use the command line from the GW to look at the debug or take it off and look at it via notepad or notepad++. You are going to be looking for the 2k8 server's I address. The drop message should point to a rule or a Smartdefense/IPS or Anti-spoofing drop. That is if it is being dropped by the GW
Thank you everyone for your suggestions.  I figured I would reply back to everyone's suggestions in one post :

1. I have confirmed that on the W2k8 server, the computer browswer service is started and set to automatic.  I restarted it just for fun.  The list is much bigger now.  I tried the net use again (I got excited), but I got the same error (system error 53 has occurred. The network path was not found).

2. I ran the "netsh advf set allp state off" cmd, and all I got back was "Ok.".  Ran my net use cmd again and got the same error.

3. I did not see Receive side scaling in the property list, but I did see TCP Checksum Offload (IPv4) and UDP Checksum Offload (IPv4), and set them both to disabled.  Net use cmds failed again.

4. \\IPAddress fails

5. Checkpoint shows no ACL entries at all.  Being that these are in two separate networks, you would think that something would show up, whether it was passing or failing acl.  I even turned on "ALL action filters" so I could see anything that might be going on, and nothing shows between these two servers.  I even swapped the source and destination IPs in the tracker, hoping that maybe the W2k3 server was failing in sending something back to the W2k8 server, but no luck.

6. Interestingly enough, my wireshark shows echo requests and replies when the w2K3 server pings the W2k8 server.  and vice versa.  Which is great, as it means the sniffer is sniffing the right two IPs.  If the W2k8 server tries to net use to the W2k3 server, I see nothing in the sniffer at all, no movement.  If the w2k3 machine tries to net use to the W2k8 machine, I see lots of stuff, but only in the direction of the w2k3 server to the w2k8 server, nothing back.  

The info says:

Src.            Dest.        Protocol      Info.
W2k3            W2k8      TCP            myblast > microsoft-ds [SYN] Seq=0 Win=65535 Len=0 MSS=1460
W2k3            W2k8      TCP            myblast > microsoft-ds [SYN] Seq=0 Win=65535 Len=0 MSS=1460
W2k3            W2k8      TCP            spw-dialer > netbios-ssn [SYN] Seq=0 Win=65535 Len=0 MSS=1460
W2k3            W2k8      TCP            spw-dialer > netbios-ssn [SYN] Seq=0 Win=65535 Len=0 MSS=1460
W2k3            W2k8      TCP            myblast > microsoft-ds [SYN] Seq=0 Win=65535 Len=0 MSS=1460
W2k3            W2k8      TCP            myblast > microsoft-ds [SYN] Seq=0 Win=65535 Len=0 MSS=1460
W2k3            W2k8      TCP            spw-dialer > netbios-ssn [SYN] Seq=0 Win=65535 Len=0 MSS=1460
W2k3            W2k8      TCP            spw-dialer > netbios-ssn [SYN] Seq=0 Win=65535 Len=0 MSS=1460
W2k3            W2k8      TCP            myblast > microsoft-ds [SYN] Seq=0 Win=65535 Len=0 MSS=1460
W2k3            W2k8      TCP            myblast > microsoft-ds [SYN] Seq=0 Win=65535 Len=0 MSS=1460
W2k3            W2k8      TCP            spw-dialer > netbios-ssn [SYN] Seq=0 Win=65535 Len=0 MSS=1460
W2k3            W2k8      TCP            spw-dialer > netbios-ssn [SYN] Seq=0 Win=65535 Len=0 MSS=1460

And then it stops

I checked the Checkpoint tracker again, and still see nothing.



Just to be clear, when I say I try my net use cmd, what I do is, try :

 net use : \\SERVERNAME\c$ /user:DOMAINNAME\MYUSERID

when that fails, I try

 net use : \\IPOFSERVERNAME\c$ /user:DOMAINNAME\MYUSERID

Thanks
If you go to Run then \\IPaddress you get an error, right?

Can you ping the IP address?
They can ping each other by name and IP.  Traceroutes in both directions look good too.
So, when you go to run type \\IP address you get an error?
http://www.chicagotech.net/systemerrors.htm#System%20error%2053%20-%20The%20network%20path%20was%20not%20found.
System error 53 - The network path was not found.

Symptom: when using net view \\ip or \\computername, you get system error 53.  

Resolutions: 1) if it is domain environment, check your WINS; 2) if it is peer-to-peer workgroup, enable NetBIOS over TCP/IP; 3) make sure the machine is running; 4) make sure file and Printer Share enabled on remote computer; 5) make sure client for ms networks is enabled on local computer; 6) make sure you type the correct name. 7) Make sure no firewall running or any security setting. 8) If your computer is loaded NetWare IPX or NWLink, you may receive system error 53. You may want to disable the NWlink or move it lower than TCP/IP in in network binding order.

https://www.experts-exchange.com/questions/21271476/Why-does-net-use-host-fail-System-error-53-network-path-not-found-error-but-net-use-IP-ADDRESS-work.html
We do not run WINS servers in our environment.  I can net use to other servers, just fine, which makes me think that it is not a WINS requirement.  NetBIOS over tcp/ip is enabled on both servers, just for fun.  File and print share is enabled on the nics on both servers.  client for MS Networks is also enabled on both boxes.  Even if I was mistyping the names (which I am not), it does not explain why netusing by IPs gives me the same error.  There is the checkpoint FW running between the two devices, but neither box is running a local firewall.  No Netware at all in our environment.
SOLUTION
Avatar of Darius Ghassem
Darius Ghassem
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
and that is my problem.  I assume that the Checkpoint firewall is blocking something, but the logs in the firewall show nothing (passing or failing), when one server tries to access the other.  Usually when I did not put a port in an ACL, checkpoint logs will show that with a deny, and it helps me which ports I need to allow, but I am seeing nothing at all.

What are the ports you suggest ?  I guess I can setup a test ACL, and put all the ports you suggest in there.
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
For your first link, my only issue is that this windows 2008 machine cannot net use to any machine, meanwhile the Windows 2003 machine can net use to plenty of other machines, so it makes me think it is not the check point firewall, but rather something on the w2k8 machine.  Other w2k8 machines work just fine.

What else on this w2k8 machine could be set (that I do not know about) that does not allow me to net use to it ?

Thanks
If you go to the run command type \\IPaddress you get no connection, right?

Have you remove the AV from the system?

Post ipconfig /all
Correct, it tells me it cannot find \\ipaddress.

It does not have AV installed on it.  I am trying to install AV, and in troubleshooting, we found out that this machine cannot be net used to from any other machine.

I just noticed the "Activate now" balloon came up.  Can that be part of this network connectivity issue ?


ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : MACHINENAMEW2k8
   Primary Dns Suffix  . . . . . . . : DOMAIN.COM
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : DOMAIN.COM

Ethernet adapter Local Area Connection 3:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-50-56-BA-3C-B2
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 172.19.15.11(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.252.0
   Default Gateway . . . . . . . . . : 172.19.15.1
   DNS Servers . . . . . . . . . . . : 172.19.193.63
                                       172.19.193.83
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 8:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{771120DF-B29B-466A-97D2-D49D4CA95
3F4}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Could be if you aren't activated and over the trial period.

Can you ping the IP address?
I have activated the machine, removed it from the domain, rebooted, added it back to the domain and rebooted again.

Yes, both machines can ping and traceroute to each other.

Enable Computer Browser services.

Disable IPV6
as stated above, computer browser service is enabled on both servers and IPv6 is disabled on both.
It was a firewall port issue.  while cmd line net use did not tell me anything, if I tried to net use via windows explorer "Map a network drive", it actually told me that windows found the other server but could not map a drive, confirm port 445 is enabled on the Firewall.  I went to checkpoint and added that point, and like magic I can map drives, as well as push my AV client.  

Thanks for your help