Solved

dns server not working icmp host not reachable admin prohibited

Posted on 2011-03-08
5
1,304 Views
Last Modified: 2012-05-11
I created a test environment  using vmware workstation creating host only vm's

linux server acting as my firewall and router dual nics (one on my reg. lan and one on my host -only lan

windows 2008 server (my ad and dns server)

i have everything working up to the point of i am able to ping google and get a reply so my dns is working and when i run a tracert from my windows client it is successful in finding the google servers

then when i go to the internet browser and point to google.com i get this page can not be displayed

i ran a tcp dumpand this is the error i get

09:31:26.100581 IP 192.168.76.151 > 192.168.76.128: ICMP host 74.125.226.178 unreachable - admin prohibited, length 56

192.168.76.151 is my router /firewall (linux box) when i ping the 74.125.226.178 i get a response

i am using the microsoft root-hints as my dns source

i am a little stumped  i would appreciate any help anyone can provide

Thanks in advance
0
Comment
Question by:eanda10
  • 3
5 Comments
 
LVL 3

Accepted Solution

by:
dmf415 earned 500 total points
ID: 35071967
check your iptables configuration.  This command may unblock icmp.
SERVER_IP="202.54.10.20"
iptables -A INPUT -p icmp --icmp-type 8 -s 0/0 -d $SERVER_IP -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

iptables -A OUTPUT -p icmp --icmp-type 0 -s $SERVER_IP -d 0/0 -m state --state ESTABLISHED,RELATED -j ACCEPT
0
 

Author Comment

by:eanda10
ID: 35071983
what would the server_ip variable set to?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 35073367
Well seems like you are running host only vm's which only allow traffic on the host. You need to change the network settings within the Virtual Network to be external.
0
 

Author Comment

by:eanda10
ID: 35074796
but isnt that the point of the router to allow the network reach the outside world in this case the LAN
0
 

Author Closing Comment

by:eanda10
ID: 35083382
Turns out to be an issue with some of my rules i went back to step one and flushed my firewall and rebuilt the rules and now all is good
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SYSVOL corrupted 12 96
powershell script 9 64
ColdFusion 9 CF Administrator and Request Filtering 3 26
Trust DNS Resolution for Unqualified Names 3 14
If you migrate a Terminal Server licenses server inside the 2008 server family, you can takte advantage of the build-in migration tool. If you like to migrate an older 2003 Server (and the installed client CALs) to a 2008 R2 server for example, you …
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question