[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


Some users cannot access certain websites

Posted on 2012-04-13
Medium Priority
Last Modified: 2012-07-04
I have a situation where I have about 80 users on my network and I have some wireless devices setup as well.

Most everyone is patched in through a patch panel which is then plugged into my server room switches.

Now the strange thing is that some users can access certain websites that others can't. For instance if on my computer I tried www.solmetric.com or www.answers.yahoo.com I get a page cannot be displayed, but the user just down the hallway from me can access those sites.

I have contacted my ISP provider and I have checked my DNS server for the correct forwarders in place and they are correct. I have flushed my DNS, cleared my cache and everything but nothing works. I still cannot access those sites and most of the users here can't either. Only about 5 can access it.

Now another issue came up where a user was connected to our Wifi and was able to pull up the site on there smart phone, then they connected there laptop to the wifi and then they couldn't connect to the website.

I don't know exactly why this is causing this issue to happen, any thoughts would be helpful thanks.
Question by:Neogeo147
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
LVL 17

Expert Comment

ID: 37844132

The next thing to check is their HOSTS file on their machine which is located at C:\Windows\System32\drivers\etc

Open the HOSTS file with Notepad and see if there are any unusual entries.

Also, are there any proxies involved?  Can you check one of the problem computers and look at Internet Options > Connections > LAN settings and see if a proxy is set, maybe like to

Also, have you tried an alternate web browser to see if the problem occurs there too?

Lastly, does everyone use the exact same antivirus?  maybe the problem users' policy became misconfigured versus the ones that are working.

Author Comment

ID: 37844193
Yes I have checked those host files and all thats in there is the standard local host

No proxies involved, I checked the LAN settings and nothing in there is checked

Yes I have tried IE, Chrome and Firefox = same results

And we all use Microsoft Security Essentials for our antivirus

Assisted Solution

coolfiger earned 1000 total points
ID: 37844214
try this replace the dns server on yoru router and on your fowarders to a public dns lets try  open dns or google dns or both .

now you should be able to access the sites

on a machien that cannot find the website lets start by doing a traceroute to the site

so you go to cmd and tracert answers.yahoo.com

firstly does it resolve it to a ip ?
and secondly look for the hop where it times out.

Does the hop time out internally on yoru network ? or does it time out outside.

Do you have any firewall which is doing any caching ?

Do you have any rogue dns server or rogue dhcp servers on the network ?
Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?


Author Comment

ID: 37844241
I have done a traceroute from my machine to those sites and it resolves just fine, no time out or anything.

My ISP said to reboot my main router and firewall and see if it clears some cache, I have not done that yet, I cannot do it till this Weekend

As for the rougue DNS servers, I really don't know, some people come in here and just plug in hubs or switches to create mutiple connections, I do believe none of them are smart enough to give out a DNS or DHCP cuz I have run into that issue as well.

Anyway of being able to find one with out going to each office and looking?
LVL 17

Expert Comment

ID: 37844322
You can never be too sure about additional hubs being added, not to point any fingers but any one of those times could have been malicious.  It may not be their fault when they add it if the machine they plugged in was already infected with malware to begin with.

Go ahead and reboot your router as scheduled and see if there is any improvement.  On one of the problem computers, you might also try running a antimalware program like malwarebytes to see if it finds anything suspicious.

Author Comment

ID: 37845590
Ok so I rebooted my router and firewall and still cannot access the sites....

I have run malware programs and virus scans and the comptuers are clean

I am going to try the public dns servers and see if that works, if it does than is it my ISP thats the issue?? and if thats the case how come other computers on the network can access them but others cant, actually accessing the sites through my server browser works too, so this is very confusing.
LVL 17

Expert Comment

ID: 37846674
Ok can your domain controller see the yahoo answers site?  If you haven't already, can you verify that the working machines and problem machines have the exact same primary DNS entry which should be pointing to your domain controller?

If so, then on your domain controller, go to setup dns forwarding and use the public dns like opendns.com.

Author Comment

ID: 37847808
Yes the Domain controller can see the yahoo answers site, yes all the machines work off DHCP and pull from the DC. The domain controller is on a Different VLAN however the machines that can't and can access the yahoo answers site are on the same VLAN.

Now I tried to see if it was switch related so I took the ethernet cable out of the computer that can access the sites and plugged it into my laptop  and I still couldn't access those sites. I plugged it back into the other computer and could access the site instantly.

So its not switch related, router related, firewall related, spyware related, so it has to be DNS related but why only some and not all??

I'll try the public DNS on my DC as forwarders to see if that helps, if that does, then what, I know its my ISP??
LVL 17

Assisted Solution

bigeven2002 earned 1000 total points
ID: 37848717
Well, I'm throwing in the towel on this one.  Sorry I couldn't be of help.

Hopefully your ISP can help you solve this.

Author Comment

ID: 37913014
Update: Well as of the past week I have noticed that www.facebook.com was losing pictures, like scolling down and seeing some pictures but some with red X's in them. Fast forward till last week and we have lost www.facebook.com...

Now heres where the rabbit hole gets even deeper, Windows XP machines on my network have no problem accessing those sites. (www.answers.yahoo.com, www.solmetric.com and www.facebook.com) Every Windows 7, Mac, Android phone or iPhone cannot access any of these sites, but yet they can ping and trace route them and they all come back responsive.

ISP says its not there fault.......

So can somebody not throw in the towel, I know I have wanted to for sometime... :-)

Accepted Solution

Neogeo147 earned 0 total points
ID: 38139237
The Final answer to this and even Cisco support had no idea but the final thing I did was upgrade the iOS to the latest and greatest for the PIX and copied back the original config and everyone could now access those sites.

The next thing I did was, Replace that outdated Pix for a ASA 5510 and that also solves the issue. :)

Author Closing Comment

ID: 38152210
because it worked to upgrade the iOS on the PIX

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I wrote this article to explain some important DNS concepts that should be known to avoid some typical configuration errors I often see in forums. I assume that what is described here is the typical behavior of Microsoft DNS client. I don't know …
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question