Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!
COURSE of the MONTH
9 days, 10 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
SBS 2008 internet connection status Not Connected
Posted on 2012-12-30
Hey guys,
I'm stumped. I have here a DC SBS 2008 that has full Lan access, but no internet access. I'm not able to Ping "google.com" but it resolves to the IP and get request timed out. Anything internal works. I tried a tracert to google and it only gets to the first hop. This server has 2 Nics, but only 1 is enabled, Windows firewall is turned off. the AV is Viper which has no firewall features and I can Ping the gateway. I do have ASA firewall and am able to successfully run packet tracer from server IP to googles IP, however HTTP and HTTPS is opened for this server and I am able to RDP to the server from home via RWW.. All PCs and servers on the LAN have internet access.
any help would be great!
I'm stumped. I have here a DC SBS 2008 that has full Lan access, but no internet access. I'm not able to Ping "google.com" but it resolves to the IP and get request timed out. Anything internal works. I tried a tracert to google and it only gets to the first hop. This server has 2 Nics, but only 1 is enabled, Windows firewall is turned off. the AV is Viper which has no firewall features and I can Ping the gateway. I do have ASA firewall and am able to successfully run packet tracer from server IP to googles IP, however HTTP and HTTPS is opened for this server and I am able to RDP to the server from home via RWW.. All PCs and servers on the LAN have internet access.
any help would be great!
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
28
20
16- +1
65 Comments
Try restarting the DNS Server and DNS Client in services.
Go to Start - Administrative Tools - Services
Right Click on DNS Server - click restart
Righ click on DNS Client - click restart
Go to Start - Administrative Tools - Services
Right Click on DNS Server - click restart
Righ click on DNS Client - click restart
tracert to 4.2.2.1 gives me the same result as going to google. 1st hop goes to the gateway and times out after.
Restarted DNS server and client no change.
Restarted DNS server and client no change.
Active 7 days ago
It indeed seems like you are not connected to the internet.
Try pinging your ISP default gateway.
Try pinging your ISP default gateway.
Is ping allowed through the ASA? When you do it look at the real time logging using the ASDM and see if you are getting denies.
I guess I should ask if this connection has worked in the past in the current configuration (both hardware and software) and if so have any config changed been made to the ASA.
I guess I should ask if this connection has worked in the past in the current configuration (both hardware and software) and if so have any config changed been made to the ASA.
ping is allowed out from inside. I am unable to telnet to say google.com either where I can from other machines/servers inside the network. The only thing is the ASA was recently reloaded to clear up some memory issues. There was a backup run of the config, the reload was done then the config was reloaded and saved to mem. I have to admit, ASA is not my strong point, however like I said I was able to do a packet trace on the ASA from the servers internal iP to google.coms IP.
the ISP gateway shouldnt be the issue as it's the same used for the rest of the network. All other PCs and servers(with same gateway etc) have internet access.
I'll run another test and check the realtime logs. last time I checked I didn't see anything come from the source IP which in my mind should be the servers IP..
the ISP gateway shouldnt be the issue as it's the same used for the rest of the network. All other PCs and servers(with same gateway etc) have internet access.
I'll run another test and check the realtime logs. last time I checked I didn't see anything come from the source IP which in my mind should be the servers IP..
Yeah thats what I would do just to see if the traffic is even making it to the firewall.
ASA ASDM GUI - Click monitoring on the top, click logging at the bottom, click view in the middle
ASA ASDM GUI - Click monitoring on the top, click logging at the bottom, click view in the middle
Looks like from the log that it's getting through, but the server it's showing timed out?.
6 Dec 30 2012 13:07:41 302020 (Servername) 1 74.125.228.99 0 Built outbound ICMP connection for faddr 74.125.228.99/0 gaddr myispgateway/1 laddr CE-DC00/1
6 Dec 30 2012 13:07:41 302021 74.125.228.99 0 (Servername) 1 Teardown ICMP connection for faddr 74.125.228.99/0 gaddr myispgateway/1 laddr CE-DC00/1
6 Dec 30 2012 13:07:41 302020 (Servername) 1 74.125.228.99 0 Built outbound ICMP connection for faddr 74.125.228.99/0 gaddr myispgateway/1 laddr CE-DC00/1
6 Dec 30 2012 13:07:41 302021 74.125.228.99 0 (Servername) 1 Teardown ICMP connection for faddr 74.125.228.99/0 gaddr myispgateway/1 laddr CE-DC00/1
telnet to yahoo.com 80
6 Dec 30 2012 14:07:33 302013 98.139.183.24 80 (Servername)3100 Built outbound TCP connection 1402777 for outside:98.139.183.24/80 (98.139.183.24/80) to inside:(Servername)/3100 (externalgatewayIP/3100)
6 Dec 30 2012 14:08:03 302014 98.139.183.24 80 (Servername) 3100 Teardown TCP connection 1402777 for outside:98.139.183.24/80 to inside:(Servername)/3100 duration 0:00:30 bytes 0 SYN Timeout
I did notice I have a different IP then when I ping from another machine. get the same results telneting to the other iP on port 80
6 Dec 30 2012 14:07:33 302013 98.139.183.24 80 (Servername)3100 Built outbound TCP connection 1402777 for outside:98.139.183.24/80 (98.139.183.24/80) to inside:(Servername)/3100 (externalgatewayIP/3100)
6 Dec 30 2012 14:08:03 302014 98.139.183.24 80 (Servername) 3100 Teardown TCP connection 1402777 for outside:98.139.183.24/80 to inside:(Servername)/3100 duration 0:00:30 bytes 0 SYN Timeout
I did notice I have a different IP then when I ping from another machine. get the same results telneting to the other iP on port 80
Maybe it's worth trying thre basics...
As it is SBS it always worth running Fix my Network
Have you tried this yet?
As it is SBS it always worth running Fix my Network
Have you tried this yet?
this is just the SBS server.. all other PCs and servers have internet access..
I've tried the fix my network to no avail..
I've tried the fix my network to no avail..
Can you please check that your Network Adapter (LAN) TCP/IP IP address, Default gateway, Router and DNS are configured with the correct settings.
Yes I agree with Waynepre. Check that your gateway address on the server is the same as the working PCs. If it is do a arp -a and ensure it sees it as the right MAC.
yup, I've gone over them a few times thinking I'm missing something stupid.
I've compared to another server I have and settings match other than the IP(of course).
IP 192.168.20.5
SubMask 255.255.255.0
GW 192.168.20.239
prim DNS 192.168.20.5
sec DNS 192.168.20.15
I've compared to another server I have and settings match other than the IP(of course).
IP 192.168.20.5
SubMask 255.255.255.0
GW 192.168.20.239
prim DNS 192.168.20.5
sec DNS 192.168.20.15
Can you please try removing the sec DNS and change the prim DNS to Google 8.8.8.8
and let us know if the internet works on the server then?
and let us know if the internet works on the server then?
what if you do the arp -a from the working server and from the non working server? is the mac the same for both for the gateway IP?
ok I'll check the arp
from the second DC
192.168.20.239 e0-5f-b9-e9-e9-f9 dynamic
from the primary thats having issues
192.168.20.239 e0-5f-b9-e9-e9-f9 dynamic
from the second DC
192.168.20.239 e0-5f-b9-e9-e9-f9 dynamic
from the primary thats having issues
192.168.20.239 e0-5f-b9-e9-e9-f9 dynamic
I know this might be a little redundant but for comparison sake can you turn on the asa monitoring again. Do a telnet yahoo.com 80 from the bad server and then from the good server and see if the traffic is the same?
You have some weird stuff going on.
You have some weird stuff going on.
definitely got some weird stuff going on..
changed the DNS to 8.8.8.8 and still unable to get to the internet, Ping denied.
changed the DNS to 8.8.8.8 and still unable to get to the internet, Ping denied.
oooooook.... ummmm.....
I take it you are using the Exchange on the SBS server???
If so are you able to send an email and receive to / from externally?
I take it you are using the Exchange on the SBS server???
If so are you able to send an email and receive to / from externally?
From the server having issues..
telnet yahoo.com 80
6 Dec 30 2012 16:29:11 302013 72.30.38.140 80 CE-DC00 40009 Built outbound TCP connection 1449336 for outside:72.30.38.140/80 (72.30.38.140/80) to inside:CE-DC00/40009 (142.166.210.193/40009)
6 Dec 30 2012 16:29:41 302014 72.30.38.140 80 CE-DC00 40009 Teardown TCP connection 1449336 for outside:72.30.38.140/80 to inside:CE-DC00/40009 duration 0:00:30 bytes 0 SYN Timeout
telnet yahoo.com 80 on server with internet access
6 Dec 30 2012 16:31:19 302013 98.139.183.24 80 192.168.20.15 53198 Built outbound TCP connection 1449978 for outside:98.139.183.24/80 (98.139.183.24/80) to inside:192.168.20.15/53198
6 Dec 30 2012 16:33:20 302014 98.139.183.24 80 192.168.20.15 53198 Teardown TCP connection 1449978 for outside:98.139.183.24/80 to inside:192.168.20.15/53198
the difference also.. server A not working is sbs 2008.. server B with internet access is server 2K8 R2.
telnet yahoo.com 80
6 Dec 30 2012 16:29:11 302013 72.30.38.140 80 CE-DC00 40009 Built outbound TCP connection 1449336 for outside:72.30.38.140/80 (72.30.38.140/80) to inside:CE-DC00/40009 (142.166.210.193/40009)
6 Dec 30 2012 16:29:41 302014 72.30.38.140 80 CE-DC00 40009 Teardown TCP connection 1449336 for outside:72.30.38.140/80 to inside:CE-DC00/40009 duration 0:00:30 bytes 0 SYN Timeout
telnet yahoo.com 80 on server with internet access
6 Dec 30 2012 16:31:19 302013 98.139.183.24 80 192.168.20.15 53198 Built outbound TCP connection 1449978 for outside:98.139.183.24/80 (98.139.183.24/80) to inside:192.168.20.15/53198
6 Dec 30 2012 16:33:20 302014 98.139.183.24 80 192.168.20.15 53198 Teardown TCP connection 1449978 for outside:98.139.183.24/80 to inside:192.168.20.15/53198
the difference also.. server A not working is sbs 2008.. server B with internet access is server 2K8 R2.
yes SBS is exhange. external email is what started this. internal email works fine, external is not. we are using SBS pop connector to connect to the ISPs server for external mail. I am able to login a mailbox using webmail and see there are emails.. so the problem is this server not able to connect to internet for the pop connector to get what it needs. I'm tying the internet and email issues together.
In the SBS Console can you please re run Connect to the Internet.
Are you able to RDC to the server from the server that does work?
Are you able to RDC to the server from the server that does work?
when I run connect to the internet, it finds the gateway and ip. from what I understand I don't have to configure it since it's the gateway is a 2900 series cisco. but I have to manually configure the ports to be open. THis server is running exchange, DHCP and DNS but not sharepoint. so those ports are open on the ASA 5510.
I am currently connected remotely from home using RWW. and yes I am able to connect using RDC within the network.
and Thank you all so far for your advice.. this ones got me stumped good.
I am currently connected remotely from home using RWW. and yes I am able to connect using RDC within the network.
and Thank you all so far for your advice.. this ones got me stumped good.
I did notice when running telnet to yahoo from multiple different machines that the outside interface is different on the servers that have internet access compared to the one which does not. the server with no access seems to be trying to use the external Gateway. looking at the logs I've posted above. I'm not sure if this would be a routing issue on the firwall or not?
The firewall was going to be my next suggestion, do you have a working backup of the config that you could restore to?
no the current state which doesn't work. I tried to restore the config to the most recent which is Feb. and I have the same issue. The server was working last week prior to the ASA reboot due to memory issues.. I just took over administering this building.
Between me, you and wrwiii12 we have been working on this for over 5 hours now and it seems we are not getting any closer to resolving your issue. I think it might be worth having a second pair of eyes going over the config of your server. Would you allow remote access?
For security i think it might be best if you email me d(etails are on my profile). I will send you the details over email.. But we should always update this forum with our results.
Yeah if you are getting 2 different IPs on public I think there is a config issue too.
Good luck and let me know if you need a 3rd set of eyes.
Good luck and let me know if you need a 3rd set of eyes.
well, it looks like it certainly is a firewall issue thats blocking the .5 internal IP. I changed the IP on the server to .8 and internet was back up with all functionality.. I changed IP address in the network object of my ASA to the new IP and saved it to mem, hopeing that the .8 would be blocked and I could reconfigure to the .5 IP to keep all the services running with the original IP, but unfortunately that had no effect.
So do I need to open a new question for this or can I continue as this issue is not yet fully resolved.
Thank you Waynepre to giving me someone to bounce ideas from. you were certainly committed to this and I appreciate it.. Can I give points for that? 8o)
So do I need to open a new question for this or can I continue as this issue is not yet fully resolved.
Thank you Waynepre to giving me someone to bounce ideas from. you were certainly committed to this and I appreciate it.. Can I give points for that? 8o)
So do we have anyone here who is good with ASA5510 that can help me by perhaps looking at my ACL? see what I'm missing?
Good luck guys... Let me know how you get on and did it..
Email me with details on my profile....
Happy New Year to all..
Email me with details on my profile....
Happy New Year to all..
Gents if you need me Skype me on waynepre might us be worth adding each other to help each other in future if you like..
Sounds good to me. My skype name is wrwiii12, i missed an i.
He will be able to give more info later on to confirm but it seems like it might have been a bad NIC issue.
He will be able to give more info later on to confirm but it seems like it might have been a bad NIC issue.
Ah, NIC or firewall?? as the firewall isn't accepting 192.168.20.5?
at first we thought it could have been the router, but then digging deeper we thought it was the server so digged deeper into that. The server could do with being rebuilt at some point but that is gonna be a massive job.
I think once Reg has this little issue resolved he will be fine until he decides what he wants to do... I have spoken to my Cisco expert but he is drunk would you believe lol... So I will have a chat with him tomorrow if there still is an issue with the firewall.
Just had a thought, if it still is the firewall and not the NIC is it worth resetting the firewall back to factory settings upgrade the firmware and reconfigure..??
If its the NIC change to the second NIC that is currently disabled.
at first we thought it could have been the router, but then digging deeper we thought it was the server so digged deeper into that. The server could do with being rebuilt at some point but that is gonna be a massive job.
I think once Reg has this little issue resolved he will be fine until he decides what he wants to do... I have spoken to my Cisco expert but he is drunk would you believe lol... So I will have a chat with him tomorrow if there still is an issue with the firewall.
Just had a thought, if it still is the firewall and not the NIC is it worth resetting the firewall back to factory settings upgrade the firmware and reconfigure..??
If its the NIC change to the second NIC that is currently disabled.
Ah I thought we tried that and .5 didn't work I must be wrong. Well I am glad we have gotten to the bottom of it... Right I'm off to bed its 02:14 here and I gotta be up early. Night to you both and Happy new year.
Hey guys,
ok... .5 wasn't working originally, and With Wayne I switched it to .8 to test and it was working.. so to test I switched it back to .5 and it still wasn't working so I was 99% sure it was firewall. Happy new year Wayne. 80)..
So Will came on and we were going to look at the ASA. well after a quick game plan, I went to the server room and switched the IP back to .5.. by this time the IP had been switched for probably 30 mins to an hr. low and behold.. the internet was working.. ping requests worked etc.. I blame it on William, I think the my internetz wuz sceered!.. so it started to work again.. right? 8o)
well I wasn't able to recreated it which leads me to beleive it might of been an ARP cache issue.. I will try again to replicate it tomorrow but count it resolved FINALLY..
I'm going to have to split the points.. Will for scaring it straight.. 80) and Wayne for the dedication and time he offered in assistance.. Great to have guys like these around to help bounce some ideas or second pair of eyes when needed.
thanks again!
ok... .5 wasn't working originally, and With Wayne I switched it to .8 to test and it was working.. so to test I switched it back to .5 and it still wasn't working so I was 99% sure it was firewall. Happy new year Wayne. 80)..
So Will came on and we were going to look at the ASA. well after a quick game plan, I went to the server room and switched the IP back to .5.. by this time the IP had been switched for probably 30 mins to an hr. low and behold.. the internet was working.. ping requests worked etc.. I blame it on William, I think the my internetz wuz sceered!.. so it started to work again.. right? 8o)
well I wasn't able to recreated it which leads me to beleive it might of been an ARP cache issue.. I will try again to replicate it tomorrow but count it resolved FINALLY..
I'm going to have to split the points.. Will for scaring it straight.. 80) and Wayne for the dedication and time he offered in assistance.. Great to have guys like these around to help bounce some ideas or second pair of eyes when needed.
thanks again!
Hey guys,
Ok this is is not closed. the problem came back couple times since. Originally I thought it was the ARP.. but the next time it happed I tried flushing ARP and nothing. So I swapped to the second nic permanently and that did not fix it either. It seems the problem flops between IP.
So basically the original IP is .5 and the second IP is .8.
Internet access drops from .5 (note internal network still functions 100%). Swap to .8 IP and internet is up. After about 4 to 5 hrs running internet drops on .8. change the IP back to .5 then the internet is up again.
Any thoughts?
Ok this is is not closed. the problem came back couple times since. Originally I thought it was the ARP.. but the next time it happed I tried flushing ARP and nothing. So I swapped to the second nic permanently and that did not fix it either. It seems the problem flops between IP.
So basically the original IP is .5 and the second IP is .8.
Internet access drops from .5 (note internal network still functions 100%). Swap to .8 IP and internet is up. After about 4 to 5 hrs running internet drops on .8. change the IP back to .5 then the internet is up again.
Any thoughts?
thanks for the offer, but I think I have it licked this time. I'm just waiting to see if I drops today.. I will update.
it was tough as either really resolved the issue, however time and dedication and brainstorming were great and helped come to resolution so I had to split the points.. in the end, ARP cache was the issue I beleive.
Confirmed ARP cache was the problem. I had to clear the cache on my cisco router as well as on the server and let them rebuild themselves. There was a duplicate mac entry in the ARP on the router for both the IPs used on the server. once I cleared the ARP, it matched the Mac of the primary nic to the proper IP and everything has been stable since last week..
Featured Post
WatchGuard's newest M series appliances were put to the test by Miercom. We had great results and outperformed all of our competitors in both stateless and stateful traffic throghput scenarios! Ready to see how your UTM appliance stacked up? Download the Miercom Report!
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Large and small networks have one same need, Service monitoring. Service monitoring consists of watch services of the several servers in the network. To monitor means that the administrator will receive an alert when a service is down or it's state …
Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail. The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg).
If you're interested in additional methods for monitoring bandwidt…
Suggested Courses
Course of the Month9 days, 10 hours left to enroll
762 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.