Server able to ping router, unable to access Internet

I have a client with an SBS 2003 server that until yesterday morning was working fine - DC, DNS, DHCP and file server for about 40 desktops. Apparently the Internet 'died' sometime Sunday and no one was able to access the Internet or shared folders this morning. They then rebooted the server, but no joy.

The server can ping the router, the router is connected to the Internet, but the server cannot access the Internet. As it is running DNS the machines can't access either.

I have checked DNS - it only points to itself. No error msgs in event viewer about DNS. I have switched from 1 onboard NIC to the other (previously disabled). I have changed the router, unplugged and replugged the switches...

From the server I can ping the external static IP of the router, but nothing past that. I can  ping using IP address or machine name on the network.

From a workstation I am unable to access the Internet even when specifying a DNS server other than the server itself.

From a workstation I am able to ping the server, and able to connect to shared drives on it.

Everyone is able to ping the network printer.

From the router i can ping and tracert without a problem.
onsquirrelAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

delandaleCommented:
"From the router i can ping and tracert without a problem. " - to the internet?
Lavi ShiffmanConsultant Commented:
Do you have a dedicated firewall?  If not, what is your firewall of this network?
aamodtCommented:
If you can ping the routern from server, its your "default-route" / Route of last resort that are wrong on your router.
Or else its a firewall blocking other ports. like port 80,443  for HTTP access,
SD-WAN: Making It Work for You

As bandwidth requirements and Internet costs grow, businesses naturally want to manage budgets by reducing reliance on their most expensive connection types. Learn more about how to make SD-WAN work for your business in our on-demand webinar!

aamodtCommented:
We uses to run a clear NAT on our routers when that happend.. if you are running NAT internally.
Just clear the NAT tables on your FW/router.
delandaleCommented:
Also seen this when the router had some sort of anti DoS feature that had blocked the server IP from accessing the internet (i.e. too many connections from single IP = blocked IP)
abolinhasCommented:
Can you access to http://209.85.148.106/  (ip google.com) ?
onsquirrelAuthor Commented:
Thanks for the ideas!

Yes, ping and tracert from the router to the Internet works fine...

We had a Linksys firewall/router that I assumed was the problem, replaced it with a Linksys wireless router - so the only firewall right now is whatever is in the Linksys.

I will check on ports being blocked, but nothing has been set as far as I know... The router being used now had been used as our wireless access point - I reset it to factory defaults at the start of this.

I am unable to access anything from any machine past the external IP address of the router.

I had wondered about the DSL modem, but if the router can ping & tracert it must be okay, yes?
abolinhasCommented:
You can access to google through ip ?
delandaleCommented:
If your router can ping and tracert to an IP on the internet, you MUST have one of the following issues:

-Firewall on linksys router blocking traffic from LAN
-Linksys router blocking traffic from LAN due to DoS service or similar
-Missing outbound NAT rule in Linksys router (if the option is even available - not familiar with linksys routers)
-Other, unexpected error due to combination of devices (PCs > Linksys > DSL Modem)

If you can eliminate the first three, you will most likely end up replacing the Linksys router and DSL modem with an 'all-in-one' ADSL modem/router which will in most cases resolve the issue.

In order to eliminate some of these options, please provide us with the make/model of your router and dsl modem.

Regards

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
inbox788Commented:
If it's a DNS problem, try manually setting the dns to 4.2.2.1 and/or 4.2.2.2
onsquirrelAuthor Commented:
Okay, I've checked these things:

Firewall on router set to: 1. Block Anonymous Internet Requests, 2. Filter Multicast, 3. Filter IDENT (Port 113). The 4th option - Filter Internet NAT Redirection is unchecked.

Internet access set to 24 hours a day for all machines.

Can't find where there would be NAT rules on this rig...

Router is a Linksys WRT54G, the modem is an older Siemens Speedstream 6520 from Bell.

I have connected directly to the modem with my laptop, put in the PPPoE credentials and am connected to send this no problems.

I have tried setting the DNS on the server forwarders to 4.2.2.1 without success, also tried setting the workstation to use that, same result.
delandaleCommented:
By connecting a laptop to the modem sucessfully, you have narrowed the search for the problem to the Linksys router.

Just clutching at straws now but MAC clone? http://homecommunity.cisco.com/t5/Wireless-Routers/WRT54G-and-Virgin-Ambit-E08C013-UK-No-Internet/m-p/223541/highlight/true#M117937
delandaleCommented:
Are you using the siemens modem in bridge mode with the WRT54G?
onsquirrelAuthor Commented:
Eureka! And also a head slap - how could I be so stupid!!

In the setup (Advanced Routing) of the Linksys you can set the router to act as a router or a gateway - I assumed it needed to be router as that is what it is acting as... Apparently "if the router is hosting the Internet connection, select Gateway mode. If another router exists on your network, select Router mode."

I switched it from Router to Gateway, saved settings (no restart required) and 'Bob's your uncle!"

I think I used ideas from delandale the most... so will send points that way.
aamodtCommented:
Oki, thats good. internal routing can be a bitch sometimes :)
delandaleCommented:
Glad to hear you sorted it!

Enabling gateway mode creates an 'outbound NAT rule' within the WRT54G's firewall.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SBS

From novice to tech pro — start learning today.