Solved

Unable to browse Internet w/IE or FF, can ping, can browse intranet pages

Posted on 2011-09-29
16
238 Views
Last Modified: 2012-05-12
I have a Windows XP machine on a network with 20 other computers. This is the only  machine with a problem. It will not access any website. I have tried Internet Explorer and Firefox and both DO NOT work. I can open up Outlook web access through the local network and the web interface on our copy machine. When I try to go to www.yahoo.com it fails. When I try to go to yahoo.com using the IP address, it fails. I can ping www.yahoo.com and any other address I put in. From command line, everything works. From the browser, only internal works, nothing external. I hooked up a laptop to the exact same cable and the laptop works fine. I restored windows to a time before this quit working and it still doesn't work. I uninstalled and reinstalled the NIC, reset WINSOCK, flushed DNS, reset IE settings, logged in as a different user, repaired TCP/IP connection, tried dynamic and static IP address, all firewalls are disabled. I am out of options. PLEASE HELP!!!
0
Comment
Question by:LakelandOffice
16 Comments
 
LVL 6

Expert Comment

by:netjgrnaut
Comment Utility
Do you by any chance have Norton or Symantec installed?

Have you tried an HTTPS site for testing (in addition to a plain old HTTP)?
0
 
LVL 6

Expert Comment

by:ventaur
Comment Utility
In IE, go to the Tools menu, then Options. On the Security tab, verify that the Internet zone is set to Medium-high, or lower (i.e., Medium, Low). Also, be sure Yahoo is not listed under Restricted sites.
0
 

Author Comment

by:LakelandOffice
Comment Utility
we use Trend Micro AV. All computers have it. AV only, no firewall. Just tried https://www.paypal.com and same result.
0
 

Author Comment

by:LakelandOffice
Comment Utility
ventaur - i used yahoo as an example, tried many websites. Even the direct IP address for yahoo and other sites. Firefox doesn't work either.
0
 
LVL 6

Expert Comment

by:netjgrnaut
Comment Utility
No proxy server used on the network?  No proxy server set on the client?

You said ping works.  Try this in a cmd window:

C:\> telnet www.yahoo.com 80

What happens?

Hit enter a couple of times.  What happens?
0
 

Author Comment

by:LakelandOffice
Comment Utility
no proxy

 telnet result - could not open connection to host, connect failed.

Tried telnet locally - can't telnet locally. I can telnet into our copy machine from my PC but get connect failed on the problem PC. Interesting!!!!
0
 
LVL 6

Expert Comment

by:netjgrnaut
Comment Utility
But you can get to local web sites?

Are you using the "80" at the end of the telnet command?  Just making sure - that'll connect you to the HTTP listener instead of the (non-existent) telnet listner.

Using basic telnet - to your local copier - are you on the same subnet?  

I'd be looking at default gateway on the problem host, except you said ping works to outside sites.

Is there any possibility that you've got a duplicate IP address on the problem host?

This has some signs of a routing issue, but I can't put my finger on what exactly (since ICMP appears to be working).  Do you have more than one subnet at your site?  Can you communicate with anything *other* than ICMP across subnet boundaries?

Otherwise, it sure looks like a firewall problem, where either outbound or inbound TCP traffic is being blocked.  More details about your network config would be helpful.
0
 

Author Comment

by:LakelandOffice
Comment Utility
yes, local websites (web interface on copier, sonicwall interface and OWA) work fine. I used port 80 on the telnet for yahoo.com but not when trying to telnet to the copy machine. The copy machine accepts 23. I can telnet straight to the copier with my computer on same network but can't telnet using the problem computer but can access the web interface for the same copier using IE.

Same subnet

default gateway is the same as my computer which works fine.

it is DHCP so not likely it's a duplicate, no duplicate errors and I would think it would cause more issues than just browsing.

there are 3 subnets. each subnet is connected by an MPLS. I am on the same network as the problem computer. The problem computer can ping any address on its own subnet as well as a server at each of the other subnets.

sonicwall firewall on network, no one else having trouble. no firewall on the problem pc.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 6

Expert Comment

by:netjgrnaut
Comment Utility
OK... so
ICMP works everywhere  
TCP/80 works locally across subnets
TCP/23 fails locally
TCP/everything fails beyond the network perimeter

Sound pretty much like what you're going through?

Out of curiosity, run nslookup.  The execute "server 8.8.8.8".  Then execute "www.vifi.com".  Does it work?
0
 

Author Comment

by:LakelandOffice
Comment Utility
yep, that sounds about right and nslookup works on both.
0
 
LVL 6

Expert Comment

by:netjgrnaut
Comment Utility
OK, so that means you're passing traffic to Google's public DNS server.  That's TCP/53 by default (MS), UDP/53 default (everyone else).

Very specific service blocks, and the fact that some of them are local (the telnet test) really points to the XP host itself as the source of the problem.

Not very insightful, I realize.  I'm stumped too.  I'd be looking for errant software on the broken host.  Malware, broken software.  Can you roll it back via system restore to a point in time when it worked?
0
 

Author Comment

by:LakelandOffice
Comment Utility
i rolled back system restore to 2 days ago when it was working and it no luck
0
 
LVL 6

Expert Comment

by:netjgrnaut
Comment Utility
Sounds like it's time for a re-image.
0
 
LVL 66

Expert Comment

by:johnb6767
Comment Utility
I would dl and run TDsSKiller to make sure you don't have a root kit.. Have seen it do weird things....
0
 

Accepted Solution

by:
LakelandOffice earned 0 total points
Comment Utility
Problem with the NIC. Installed a USB NIC and it works just fine. Not sure why though.
0
 

Author Closing Comment

by:LakelandOffice
Comment Utility
I figured out the solution myself. Nothing suggested by everyone else fixed the problem.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now