Some users cannot access certain websites

I have a situation where I have about 80 users on my network and I have some wireless devices setup as well.

Most everyone is patched in through a patch panel which is then plugged into my server room switches.

Now the strange thing is that some users can access certain websites that others can't. For instance if on my computer I tried or I get a page cannot be displayed, but the user just down the hallway from me can access those sites.

I have contacted my ISP provider and I have checked my DNS server for the correct forwarders in place and they are correct. I have flushed my DNS, cleared my cache and everything but nothing works. I still cannot access those sites and most of the users here can't either. Only about 5 can access it.

Now another issue came up where a user was connected to our Wifi and was able to pull up the site on there smart phone, then they connected there laptop to the wifi and then they couldn't connect to the website.

I don't know exactly why this is causing this issue to happen, any thoughts would be helpful thanks.
Neogeo147IT Systems AdminAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.


The next thing to check is their HOSTS file on their machine which is located at C:\Windows\System32\drivers\etc

Open the HOSTS file with Notepad and see if there are any unusual entries.

Also, are there any proxies involved?  Can you check one of the problem computers and look at Internet Options > Connections > LAN settings and see if a proxy is set, maybe like to

Also, have you tried an alternate web browser to see if the problem occurs there too?

Lastly, does everyone use the exact same antivirus?  maybe the problem users' policy became misconfigured versus the ones that are working.
Neogeo147IT Systems AdminAuthor Commented:
Yes I have checked those host files and all thats in there is the standard local host

No proxies involved, I checked the LAN settings and nothing in there is checked

Yes I have tried IE, Chrome and Firefox = same results

And we all use Microsoft Security Essentials for our antivirus
try this replace the dns server on yoru router and on your fowarders to a public dns lets try  open dns or google dns or both .

now you should be able to access the sites

on a machien that cannot find the website lets start by doing a traceroute to the site

so you go to cmd and tracert

firstly does it resolve it to a ip ?
and secondly look for the hop where it times out.

Does the hop time out internally on yoru network ? or does it time out outside.

Do you have any firewall which is doing any caching ?

Do you have any rogue dns server or rogue dhcp servers on the network ?
Exploring SharePoint 2016

Explore SharePoint 2016, the web-based, collaborative platform that integrates with Microsoft Office to provide intranets, secure document management, and collaboration so you can develop your online and offline capabilities.

Neogeo147IT Systems AdminAuthor Commented:
I have done a traceroute from my machine to those sites and it resolves just fine, no time out or anything.

My ISP said to reboot my main router and firewall and see if it clears some cache, I have not done that yet, I cannot do it till this Weekend

As for the rougue DNS servers, I really don't know, some people come in here and just plug in hubs or switches to create mutiple connections, I do believe none of them are smart enough to give out a DNS or DHCP cuz I have run into that issue as well.

Anyway of being able to find one with out going to each office and looking?
You can never be too sure about additional hubs being added, not to point any fingers but any one of those times could have been malicious.  It may not be their fault when they add it if the machine they plugged in was already infected with malware to begin with.

Go ahead and reboot your router as scheduled and see if there is any improvement.  On one of the problem computers, you might also try running a antimalware program like malwarebytes to see if it finds anything suspicious.
Neogeo147IT Systems AdminAuthor Commented:
Ok so I rebooted my router and firewall and still cannot access the sites....

I have run malware programs and virus scans and the comptuers are clean

I am going to try the public dns servers and see if that works, if it does than is it my ISP thats the issue?? and if thats the case how come other computers on the network can access them but others cant, actually accessing the sites through my server browser works too, so this is very confusing.
Ok can your domain controller see the yahoo answers site?  If you haven't already, can you verify that the working machines and problem machines have the exact same primary DNS entry which should be pointing to your domain controller?

If so, then on your domain controller, go to setup dns forwarding and use the public dns like
Neogeo147IT Systems AdminAuthor Commented:
Yes the Domain controller can see the yahoo answers site, yes all the machines work off DHCP and pull from the DC. The domain controller is on a Different VLAN however the machines that can't and can access the yahoo answers site are on the same VLAN.

Now I tried to see if it was switch related so I took the ethernet cable out of the computer that can access the sites and plugged it into my laptop  and I still couldn't access those sites. I plugged it back into the other computer and could access the site instantly.

So its not switch related, router related, firewall related, spyware related, so it has to be DNS related but why only some and not all??

I'll try the public DNS on my DC as forwarders to see if that helps, if that does, then what, I know its my ISP??
Well, I'm throwing in the towel on this one.  Sorry I couldn't be of help.

Hopefully your ISP can help you solve this.
Neogeo147IT Systems AdminAuthor Commented:
Update: Well as of the past week I have noticed that was losing pictures, like scolling down and seeing some pictures but some with red X's in them. Fast forward till last week and we have lost

Now heres where the rabbit hole gets even deeper, Windows XP machines on my network have no problem accessing those sites. (, and Every Windows 7, Mac, Android phone or iPhone cannot access any of these sites, but yet they can ping and trace route them and they all come back responsive.

ISP says its not there fault.......

So can somebody not throw in the towel, I know I have wanted to for sometime... :-)
Neogeo147IT Systems AdminAuthor Commented:
The Final answer to this and even Cisco support had no idea but the final thing I did was upgrade the iOS to the latest and greatest for the PIX and copied back the original config and everyone could now access those sites.

The next thing I did was, Replace that outdated Pix for a ASA 5510 and that also solves the issue. :)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Neogeo147IT Systems AdminAuthor Commented:
because it worked to upgrade the iOS on the PIX
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.