Solved

dns server not working icmp host not reachable admin prohibited

Posted on 2011-03-08
5
1,326 Views
Last Modified: 2012-05-11
I created a test environment  using vmware workstation creating host only vm's

linux server acting as my firewall and router dual nics (one on my reg. lan and one on my host -only lan

windows 2008 server (my ad and dns server)

i have everything working up to the point of i am able to ping google and get a reply so my dns is working and when i run a tracert from my windows client it is successful in finding the google servers

then when i go to the internet browser and point to google.com i get this page can not be displayed

i ran a tcp dumpand this is the error i get

09:31:26.100581 IP 192.168.76.151 > 192.168.76.128: ICMP host 74.125.226.178 unreachable - admin prohibited, length 56

192.168.76.151 is my router /firewall (linux box) when i ping the 74.125.226.178 i get a response

i am using the microsoft root-hints as my dns source

i am a little stumped  i would appreciate any help anyone can provide

Thanks in advance
0
Comment
Question by:eanda10
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 3

Accepted Solution

by:
dmf415 earned 500 total points
ID: 35071967
check your iptables configuration.  This command may unblock icmp.
SERVER_IP="202.54.10.20"
iptables -A INPUT -p icmp --icmp-type 8 -s 0/0 -d $SERVER_IP -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

iptables -A OUTPUT -p icmp --icmp-type 0 -s $SERVER_IP -d 0/0 -m state --state ESTABLISHED,RELATED -j ACCEPT
0
 

Author Comment

by:eanda10
ID: 35071983
what would the server_ip variable set to?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 35073367
Well seems like you are running host only vm's which only allow traffic on the host. You need to change the network settings within the Virtual Network to be external.
0
 

Author Comment

by:eanda10
ID: 35074796
but isnt that the point of the router to allow the network reach the outside world in this case the LAN
0
 

Author Closing Comment

by:eanda10
ID: 35083382
Turns out to be an issue with some of my rules i went back to step one and flushed my firewall and rebuilt the rules and now all is good
0

Featured Post

[Webinar] Code, Load, and Grow

Managing multiple websites, servers, applications, and security on a daily basis? Join us for a webinar on May 25th to learn how to simplify administration and management of virtual hosts for IT admins, create a secure environment, and deploy code more effectively and frequently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question