[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 471
  • Last Modified:

Windows 2008 Domain Controller lost Internet Connection, but not LAN connection

Greetings,

I have a Windows 2008 (fully service packed) domain controller. Earlier this week, netlogon service crashed. I restarted the service and the server had lost it's Internet connection. Rebooted the server, and still no Internet connection. It still has access to the local LAN, and users can access shares and printers on it, but still no Internet access. I changed the NIC, and still same issues. I have rebuilt DNS, and still same issue. I have researched all errors in the Event Viewer, and I cannot seem to find a resolution to this. Any direction would be greatly appreciated.
0
LamboOK
Asked:
LamboOK
  • 7
  • 5
  • 2
  • +1
1 Solution
 
mlchelpCommented:
can you ping www.google.com or www.yahoo.com, does it reolve the name to ip address?
0
 
Jason WatkinsIT Project LeaderCommented:
Hi,

Check the DNS connection, check the default gateway.

Ping the default gateway and make sure that is up (also, verified by other clients being able to get on the web).

Check you external DNS server settings. Depending how you have your DNS set up, you may want to use local DNS and forward external queries to your ISP's DNS server, or openDNS, or even Google.
0
 
LamboOKAuthor Commented:
No, I am unable to ping anything, (URL or IP) outside the LAN.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LamboOKAuthor Commented:
I can ping the default gateway, (i.e. the router), from the server. I'll double check, but I'm pretty sure external is going to my ISP.
0
 
Jason WatkinsIT Project LeaderCommented:
The domain controller should be using itself for DNS and forwarding external queries to an upstream server. Is it doing that?
0
 
LamboOKAuthor Commented:
Yes. I have even tried to use external DNS and nothing seems to make a difference. Is there a way to monitor the DNS activity? Say I try to access www.google.com. Is there a way to see if DNS is actually taking the proper steps to reach that URL?
0
 
Jason WatkinsIT Project LeaderCommented:
Load up Wireshark on another machine and do a traffic capture
0
 
LamboOKAuthor Commented:
Good idea. I'll take a look at it tomorrow, and post what I find out. I appreciate your input.
0
 
bigmack333Commented:
Have you tried pinging IPs, instead of domain names? Meaning, instead of pinging google.com, can you try 4.2.2.2 (old public DNS server)?

Is your DC the only system that cannot access internet? Have you verified that firewall is disabled or that you don't have any browser proxy settings enabled?

Please be sure to let us know what else you find.
0
 
LamboOKAuthor Commented:
bigmack333, Yes, I have tried external IP's as well. Nothing. The DC is the only machine in the office without internet access. Firewall is disabled. I have checked Internet Settings and all proxy settings are as they were the day before this happened. Is there another place I should check for proxy settings? I will post the wireshark findings tomorrow afternoon.
0
 
bigmack333Commented:
Are you able to do a traceroute to 4.2.2.2 or your ISP's DNS server?

How many IP hops are listed prior to timeout?

Do you see any traffic to and from your firewall/gateway?
0
 
LamboOKAuthor Commented:
Sorry for the delay on this question. I have taken several captures with WireShark, and every capture will show little if any requests coming from this server. The odd thing is that still everything on the LAN can see this server and access shares from it. I have reloaded DNS and still this machine cannot see past the router. I have replaced the cable that connects the server to the switch. I have tested and confirmed the switch is working. Usually, WireShark will reveal the issue, but in this case I have not found one.
0
 
Jason WatkinsIT Project LeaderCommented:
It sounds as if the server is not using it's gateway (router) correctly. Other machines able to get out through the same router IP? Is there any type of packet filtering in place on the gateway?
0
 
Jason WatkinsIT Project LeaderCommented:
Another thought is to change the server's IP address to a different value and see if that helps. It could go toward determining whether or not the gateway is blocking traffic from that address.
0
 
LamboOKAuthor Commented:
I changed the IP address of the server and sure enough, it turns out the server IP address was being blocked. Found the issues on the router, and was able to resolve. I appreciate your advice.
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

  • 7
  • 5
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now