We help IT Professionals succeed at work.

Server able to ping router, unable to access Internet

onsquirrel asked
I have a client with an SBS 2003 server that until yesterday morning was working fine - DC, DNS, DHCP and file server for about 40 desktops. Apparently the Internet 'died' sometime Sunday and no one was able to access the Internet or shared folders this morning. They then rebooted the server, but no joy.

The server can ping the router, the router is connected to the Internet, but the server cannot access the Internet. As it is running DNS the machines can't access either.

I have checked DNS - it only points to itself. No error msgs in event viewer about DNS. I have switched from 1 onboard NIC to the other (previously disabled). I have changed the router, unplugged and replugged the switches...

From the server I can ping the external static IP of the router, but nothing past that. I can  ping using IP address or machine name on the network.

From a workstation I am unable to access the Internet even when specifying a DNS server other than the server itself.

From a workstation I am able to ping the server, and able to connect to shared drives on it.

Everyone is able to ping the network printer.

From the router i can ping and tracert without a problem.
Watch Question

"From the router i can ping and tracert without a problem. " - to the internet?
Lavi ShiffmanConsultant

Do you have a dedicated firewall?  If not, what is your firewall of this network?
Thomas AamodtNetwork Architect

If you can ping the routern from server, its your "default-route" / Route of last resort that are wrong on your router.
Or else its a firewall blocking other ports. like port 80,443  for HTTP access,
Thomas AamodtNetwork Architect

We uses to run a clear NAT on our routers when that happend.. if you are running NAT internally.
Just clear the NAT tables on your FW/router.
Also seen this when the router had some sort of anti DoS feature that had blocked the server IP from accessing the internet (i.e. too many connections from single IP = blocked IP)
Can you access to  (ip google.com) ?


Thanks for the ideas!

Yes, ping and tracert from the router to the Internet works fine...

We had a Linksys firewall/router that I assumed was the problem, replaced it with a Linksys wireless router - so the only firewall right now is whatever is in the Linksys.

I will check on ports being blocked, but nothing has been set as far as I know... The router being used now had been used as our wireless access point - I reset it to factory defaults at the start of this.

I am unable to access anything from any machine past the external IP address of the router.

I had wondered about the DSL modem, but if the router can ping & tracert it must be okay, yes?
You can access to google through ip ?
If your router can ping and tracert to an IP on the internet, you MUST have one of the following issues:

-Firewall on linksys router blocking traffic from LAN
-Linksys router blocking traffic from LAN due to DoS service or similar
-Missing outbound NAT rule in Linksys router (if the option is even available - not familiar with linksys routers)
-Other, unexpected error due to combination of devices (PCs > Linksys > DSL Modem)

If you can eliminate the first three, you will most likely end up replacing the Linksys router and DSL modem with an 'all-in-one' ADSL modem/router which will in most cases resolve the issue.

In order to eliminate some of these options, please provide us with the make/model of your router and dsl modem.

If it's a DNS problem, try manually setting the dns to and/or


Okay, I've checked these things:

Firewall on router set to: 1. Block Anonymous Internet Requests, 2. Filter Multicast, 3. Filter IDENT (Port 113). The 4th option - Filter Internet NAT Redirection is unchecked.

Internet access set to 24 hours a day for all machines.

Can't find where there would be NAT rules on this rig...

Router is a Linksys WRT54G, the modem is an older Siemens Speedstream 6520 from Bell.

I have connected directly to the modem with my laptop, put in the PPPoE credentials and am connected to send this no problems.

I have tried setting the DNS on the server forwarders to without success, also tried setting the workstation to use that, same result.
By connecting a laptop to the modem sucessfully, you have narrowed the search for the problem to the Linksys router.

Just clutching at straws now but MAC clone? http://homecommunity.cisco.com/t5/Wireless-Routers/WRT54G-and-Virgin-Ambit-E08C013-UK-No-Internet/m-p/223541/highlight/true#M117937
Are you using the siemens modem in bridge mode with the WRT54G?


Eureka! And also a head slap - how could I be so stupid!!

In the setup (Advanced Routing) of the Linksys you can set the router to act as a router or a gateway - I assumed it needed to be router as that is what it is acting as... Apparently "if the router is hosting the Internet connection, select Gateway mode. If another router exists on your network, select Router mode."

I switched it from Router to Gateway, saved settings (no restart required) and 'Bob's your uncle!"

I think I used ideas from delandale the most... so will send points that way.
Thomas AamodtNetwork Architect

Oki, thats good. internal routing can be a bitch sometimes :)
Glad to hear you sorted it!

Enabling gateway mode creates an 'outbound NAT rule' within the WRT54G's firewall.