Solved

Some users cannot access certain websites

Posted on 2012-04-13
12
1,066 Views
Last Modified: 2012-07-04
I have a situation where I have about 80 users on my network and I have some wireless devices setup as well.

Most everyone is patched in through a patch panel which is then plugged into my server room switches.

Now the strange thing is that some users can access certain websites that others can't. For instance if on my computer I tried www.solmetric.com or www.answers.yahoo.com I get a page cannot be displayed, but the user just down the hallway from me can access those sites.

I have contacted my ISP provider and I have checked my DNS server for the correct forwarders in place and they are correct. I have flushed my DNS, cleared my cache and everything but nothing works. I still cannot access those sites and most of the users here can't either. Only about 5 can access it.

Now another issue came up where a user was connected to our Wifi and was able to pull up the site on there smart phone, then they connected there laptop to the wifi and then they couldn't connect to the website.

I don't know exactly why this is causing this issue to happen, any thoughts would be helpful thanks.
0
Comment
Question by:Neogeo147
  • 7
  • 4
12 Comments
 
LVL 17

Expert Comment

by:bigeven2002
Comment Utility
Hello,

The next thing to check is their HOSTS file on their machine which is located at C:\Windows\System32\drivers\etc

Open the HOSTS file with Notepad and see if there are any unusual entries.

Also, are there any proxies involved?  Can you check one of the problem computers and look at Internet Options > Connections > LAN settings and see if a proxy is set, maybe like to 127.0.0.1.

Also, have you tried an alternate web browser to see if the problem occurs there too?

Lastly, does everyone use the exact same antivirus?  maybe the problem users' policy became misconfigured versus the ones that are working.
0
 

Author Comment

by:Neogeo147
Comment Utility
Yes I have checked those host files and all thats in there is the standard 127.0.0.1 local host

No proxies involved, I checked the LAN settings and nothing in there is checked

Yes I have tried IE, Chrome and Firefox = same results

And we all use Microsoft Security Essentials for our antivirus
0
 
LVL 8

Assisted Solution

by:coolfiger
coolfiger earned 250 total points
Comment Utility
try this replace the dns server on yoru router and on your fowarders to a public dns lets try  open dns or google dns or both .

208.67.222.22
8.8.8.8

now you should be able to access the sites

on a machien that cannot find the website lets start by doing a traceroute to the site

so you go to cmd and tracert answers.yahoo.com

firstly does it resolve it to a ip ?
and secondly look for the hop where it times out.

Does the hop time out internally on yoru network ? or does it time out outside.

Do you have any firewall which is doing any caching ?

Do you have any rogue dns server or rogue dhcp servers on the network ?
0
 

Author Comment

by:Neogeo147
Comment Utility
I have done a traceroute from my machine to those sites and it resolves just fine, no time out or anything.

My ISP said to reboot my main router and firewall and see if it clears some cache, I have not done that yet, I cannot do it till this Weekend

As for the rougue DNS servers, I really don't know, some people come in here and just plug in hubs or switches to create mutiple connections, I do believe none of them are smart enough to give out a DNS or DHCP cuz I have run into that issue as well.

Anyway of being able to find one with out going to each office and looking?
0
 
LVL 17

Expert Comment

by:bigeven2002
Comment Utility
You can never be too sure about additional hubs being added, not to point any fingers but any one of those times could have been malicious.  It may not be their fault when they add it if the machine they plugged in was already infected with malware to begin with.

Go ahead and reboot your router as scheduled and see if there is any improvement.  On one of the problem computers, you might also try running a antimalware program like malwarebytes to see if it finds anything suspicious.
0
 

Author Comment

by:Neogeo147
Comment Utility
Ok so I rebooted my router and firewall and still cannot access the sites....

I have run malware programs and virus scans and the comptuers are clean

I am going to try the public dns servers and see if that works, if it does than is it my ISP thats the issue?? and if thats the case how come other computers on the network can access them but others cant, actually accessing the sites through my server browser works too, so this is very confusing.
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 17

Expert Comment

by:bigeven2002
Comment Utility
Ok can your domain controller see the yahoo answers site?  If you haven't already, can you verify that the working machines and problem machines have the exact same primary DNS entry which should be pointing to your domain controller?

If so, then on your domain controller, go to setup dns forwarding and use the public dns like opendns.com.
0
 

Author Comment

by:Neogeo147
Comment Utility
Yes the Domain controller can see the yahoo answers site, yes all the machines work off DHCP and pull from the DC. The domain controller is on a Different VLAN however the machines that can't and can access the yahoo answers site are on the same VLAN.

Now I tried to see if it was switch related so I took the ethernet cable out of the computer that can access the sites and plugged it into my laptop  and I still couldn't access those sites. I plugged it back into the other computer and could access the site instantly.

So its not switch related, router related, firewall related, spyware related, so it has to be DNS related but why only some and not all??

I'll try the public DNS on my DC as forwarders to see if that helps, if that does, then what, I know its my ISP??
0
 
LVL 17

Assisted Solution

by:bigeven2002
bigeven2002 earned 250 total points
Comment Utility
Well, I'm throwing in the towel on this one.  Sorry I couldn't be of help.

Hopefully your ISP can help you solve this.
0
 

Author Comment

by:Neogeo147
Comment Utility
Update: Well as of the past week I have noticed that www.facebook.com was losing pictures, like scolling down and seeing some pictures but some with red X's in them. Fast forward till last week and we have lost www.facebook.com...

Now heres where the rabbit hole gets even deeper, Windows XP machines on my network have no problem accessing those sites. (www.answers.yahoo.com, www.solmetric.com and www.facebook.com) Every Windows 7, Mac, Android phone or iPhone cannot access any of these sites, but yet they can ping and trace route them and they all come back responsive.

ISP says its not there fault.......

So can somebody not throw in the towel, I know I have wanted to for sometime... :-)
0
 

Accepted Solution

by:
Neogeo147 earned 0 total points
Comment Utility
The Final answer to this and even Cisco support had no idea but the final thing I did was upgrade the iOS to the latest and greatest for the PIX and copied back the original config and everyone could now access those sites.

The next thing I did was, Replace that outdated Pix for a ASA 5510 and that also solves the issue. :)
0
 

Author Closing Comment

by:Neogeo147
Comment Utility
because it worked to upgrade the iOS on the PIX
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Many admins will agree: WSUS is is a nice invention but using it on the client side when updating a newly installed computer is still time consuming as you have to do several reboots and furthermore, the procedure of installing updates, rebooting an…
INTRODUCTION The purpose of this document is to demonstrate the Installation and configuration of the Data Protection Manager product. Note that this demonstration was prepared on the basis of Windows OS is 2008 R2 and DPM 2010. DATA PROTECTI…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now