Solved

server wont get out on internet

Posted on 2013-01-09
19
519 Views
Last Modified: 2013-01-10
hi

I have recently taken over a new client and that client has several servers at his pratice for his record keeping.

all the servers get out on the internet fine except one.  (this doesnt prevent his office from working but is a pain as I cant do certain things like updates etc that need to be done).

all the other servers have the same gateway and dns , so i think its the ghosts of a old piece of firewall software.  I turned off windows firewall to check to see if it had held up anything and its not that.

here is what happens when I try to ping something

eg .

ping www.yahoo.com

Pinging ds-any-fp3-real.wa1.b.yahoo.com [206.190.36.45] with 32 bytes of data:

request timed out.
request timed out.
etc..

any ideas where i can look.  I have alread checkec to see if there is anything in the add remove program list and nothing out of the ordinary there.
0
Comment
Question by:c45
  • 7
  • 6
  • 3
  • +2
19 Comments
 
LVL 24

Expert Comment

by:smckeown777
ID: 38760485
You mentioned it may be old firewall software - you've no clue what was installed previously?

Other thing I've found sometimes prevents internet access is the AV suite - what is installed currently?

Remember McAfee released an update recently which disabled all machines from accessing the internet, so if you've that installed it could be related...fix is to uninstall McAfee in that instance
0
 
LVL 6

Expert Comment

by:traoher
ID: 38760496
please paste your output of ipconfig /all for one working system and the troubled one.

also, after pinging an internet host, run arp -a on both systems and paste both output too.

check to see if the server has a static NAT confgiured, if so, change it.  To test it, simply modify the IP temporary and test your connectivity.
0
 

Author Comment

by:c45
ID: 38760550
from server with issues

Interface: 192.168.1.253 --- 0x10003
  Internet Address      Physical Address      Type
  192.168.1.43          00-16-76-1d-fb-d7     dynamic
  192.168.1.64          00-21-5a-6c-e2-c2     dynamic
  192.168.1.74          54-04-a6-89-e4-e0     dynamic
  192.168.1.75          00-27-0e-30-d5-ba     dynamic
  192.168.1.76          00-27-0e-30-d3-fc     dynamic
  192.168.1.78          00-26-b9-7d-ce-b3     dynamic
  192.168.1.80          00-1c-c0-28-ea-f8     dynamic
  192.168.1.203         00-16-35-c2-aa-7e     dynamic
  192.168.1.205         00-17-08-54-fa-88     dynamic

C:\Documents and Settings\Administrator>

Documents and Settings\Administrator>ipconfig -all

windows IP Configuration

Host Name . . . . . . . . . . . . : sa-ortho
Primary Dns Suffix  . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

ethernet adapter Local Area Connection:

Connection-specific DNS Suffix  . :
Description . . . . . . . . . . . : HP NC7781 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-17-08-57-96-38
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.253
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.203

========================================================================
from working server
C:\Documents and Settings\Administrator.DRSMITH>ipconfig

Windows IP Configuration

   Host Name . . . . . . . . . . . . : sa-imgserver
   Primary Dns Suffix  . . . . . . . : drsmith.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : drsmith.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : HP NC7781 Gigabit
   Physical Address. . . . . . . . . : 00-17-08-54-EE-5F
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.230
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.203


C:\Documents and Settings\Administrator.DRSMITH>arp -a

Interface: 192.168.1.230 --- 0x10003
  Internet Address      Physical Address      Type
  192.168.1.1           00-1a-2f-ee-2b-6c     dynamic
  192.168.1.75          00-27-0e-30-d5-ba     dynamic
  192.168.1.203         00-16-35-c2-aa-7e     dynamic
  192.168.1.205         00-17-08-54-fa-88     dynamic
0
 
LVL 6

Expert Comment

by:traoher
ID: 38760710
Can you also do a

route print from both servers?
0
 

Expert Comment

by:ronembriss
ID: 38760892
hey,
how many NICs  are installed on your server that has issues?
If they are two, Disable one of them, probably the one that you don't use in order to isolate the problem.

i have found that some servers prefer one NIC to the other if both are enabled.
0
 
LVL 4

Expert Comment

by:pyranetuk
ID: 38761159
Can you ping 192.168.1.1 from the none working system, do you get replies?

After that can you do another arp -a from same system and post results. that address is missing from your previous results.
0
 

Author Comment

by:c45
ID: 38761203
yes i get replies from pinging 192.168.1.1

arp-a results after pinging

Interface: 192.168.1.253 --- 0x10003

  Internet Address      Physical Address      Type

  192.168.1.1           00-1a-2f-ee-2b-6c     dynamic

  192.168.1.74          54-04-a6-89-e4-e0     dynamic

  192.168.1.76          00-27-0e-30-d3-fc     dynamic

  192.168.1.203         00-16-35-c2-aa-7e     dynamic

  192.168.1.205         00-17-08-54-fa-88     dynamic
0
 
LVL 6

Expert Comment

by:traoher
ID: 38761265
Still need the route print from both systems.
0
 

Author Comment

by:c45
ID: 38761339
sorry traoher for the delay, here you go;


Good Working Route

C:\Documents and Settings\Administrator.DRSMITH>route print

IPv4 Route Table

========================================================================

Interface List

0x1 ........................... MS TCP Loopback interface

0x10003 ...00 17 08 54 fa 88 ...... HP NC7781 Gigabit Server Adapter

======================================================================

=======================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.205     20

        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1

      192.168.1.0    255.255.255.0    192.168.1.205    192.168.1.205     20

    192.168.1.205  255.255.255.255        127.0.0.1        127.0.0.1     20

    192.168.1.255  255.255.255.255    192.168.1.205    192.168.1.205     20

        224.0.0.0        240.0.0.0    192.168.1.205    192.168.1.205     20

  255.255.255.255  255.255.255.255    192.168.1.205    192.168.1.205      1

Default Gateway:       192.168.1.1

======================================================================

Persistent Routes:

  None


+++++++++++++++++++++++++++++++++++++++++++++++++++++++

non working route

C:\Documents and Settings\Administrator>route print


IPv4 Route Table

=======================================================================

Interface List

0x1 ........................... MS TCP Loopback interface

0x10003 ...00 17 08 57 96 38 ...... HP NC7781 Gigabit Server Adapter

=======================================================================

=======================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.253     20

        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1

      192.168.1.0    255.255.255.0    192.168.1.253    192.168.1.253     20

    192.168.1.253  255.255.255.255        127.0.0.1        127.0.0.1     20

    192.168.1.255  255.255.255.255    192.168.1.253    192.168.1.253     20

        224.0.0.0        240.0.0.0    192.168.1.253    192.168.1.253     20

  255.255.255.255  255.255.255.255    192.168.1.253    192.168.1.253      1

Default Gateway:       192.168.1.1

=======================================================================

Persistent Routes:

  None
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 6

Expert Comment

by:traoher
ID: 38761392
First of all, you have way too many IP address on the same subnet.  You do not need them.  If you remove them all except one, it should work.

If you insist on running all interfaces because you have other apps listening on those IP, addresses, change your route as

route change 0.0.0.0 mask 0.0.0.0 192.168.1.1 metric 1 if 0x1003
0
 

Author Comment

by:c45
ID: 38761429
Hi, seeing that I am just stepping into this mess I dontk now if those IPs are needed or not, I tried your command and i got the following:

the route specified not found
0
 
LVL 6

Expert Comment

by:traoher
ID: 38761609
try it without  "if 0x1003"
0
 

Author Comment

by:c45
ID: 38761646
no joy on internet access after the route change

here is the latest with the update route

IPv4 Route Table

===========================================================================

Interface List

0x1 ........................... MS TCP Loopback interface

0x10003 ...00 17 08 57 96 38 ...... HP NC7781 Gigabit Server Adapter

===========================================================================

===========================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.253      1

        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1

      192.168.1.0    255.255.255.0    192.168.1.253    192.168.1.253     20

    192.168.1.253  255.255.255.255        127.0.0.1        127.0.0.1     20

    192.168.1.255  255.255.255.255    192.168.1.253    192.168.1.253     20

        224.0.0.0        240.0.0.0    192.168.1.253    192.168.1.253     20

  255.255.255.255  255.255.255.255    192.168.1.253    192.168.1.253      1

Default Gateway:       192.168.1.1

===========================================================================

Persistent Routes:

  None
0
 
LVL 6

Expert Comment

by:traoher
ID: 38761670
install wireshark and perform some packet captures.  Once you know which interface the packets using, you can focus on it.
0
 
LVL 4

Accepted Solution

by:
pyranetuk earned 500 total points
ID: 38761965
What router are you using? Have you checked the firewall on it in case there are any rules blocking outbound traffic on that IP? You could test by changing the IP of the server to something else temporarily.
0
 
LVL 24

Expert Comment

by:smckeown777
ID: 38763521
Can you access the gateway? I see you can ping it but wondering if its accessible

I mean browse to http://192.168.1.1?
Just to see if the internal network connection is at least working...

What happens if you run this command from the server

tracert 8.8.8.8

Can you show the output from that please?
0
 

Author Comment

by:c45
ID: 38764121
ok guys, changing the ip on that server let me get on the internet.  I am not sure what the ramifications of doing that are, whither there are NAT related to the old one , I am sure I will find out pretty quick.

I am thinking the previous admin may have blocked that machine from going out on the net because it has the info stored on it.

now if i can figure out the NATS etc I should be able to get it back on line.
0
 
LVL 6

Expert Comment

by:traoher
ID: 38764354
lol amazing how some people assigns point.  it's cool though.
0
 
LVL 4

Expert Comment

by:pyranetuk
ID: 38764589
Well did I not suggest it could have been a firewall blocking outbound based on that server IP and it looks as though that may be the issue.
I would now suggest looking at the firewall rules outbound for anything based around that IP address.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Many admins will agree: WSUS is is a nice invention but using it on the client side when updating a newly installed computer is still time consuming as you have to do several reboots and furthermore, the procedure of installing updates, rebooting an…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now