Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 566
  • Last Modified:

server wont get out on internet

hi

I have recently taken over a new client and that client has several servers at his pratice for his record keeping.

all the servers get out on the internet fine except one.  (this doesnt prevent his office from working but is a pain as I cant do certain things like updates etc that need to be done).

all the other servers have the same gateway and dns , so i think its the ghosts of a old piece of firewall software.  I turned off windows firewall to check to see if it had held up anything and its not that.

here is what happens when I try to ping something

eg .

ping www.yahoo.com

Pinging ds-any-fp3-real.wa1.b.yahoo.com [206.190.36.45] with 32 bytes of data:

request timed out.
request timed out.
etc..

any ideas where i can look.  I have alread checkec to see if there is anything in the add remove program list and nothing out of the ordinary there.
0
c45
Asked:
c45
  • 7
  • 6
  • 3
  • +2
1 Solution
 
smckeown777Commented:
You mentioned it may be old firewall software - you've no clue what was installed previously?

Other thing I've found sometimes prevents internet access is the AV suite - what is installed currently?

Remember McAfee released an update recently which disabled all machines from accessing the internet, so if you've that installed it could be related...fix is to uninstall McAfee in that instance
0
 
traoherCommented:
please paste your output of ipconfig /all for one working system and the troubled one.

also, after pinging an internet host, run arp -a on both systems and paste both output too.

check to see if the server has a static NAT confgiured, if so, change it.  To test it, simply modify the IP temporary and test your connectivity.
0
 
c45Author Commented:
from server with issues

Interface: 192.168.1.253 --- 0x10003
  Internet Address      Physical Address      Type
  192.168.1.43          00-16-76-1d-fb-d7     dynamic
  192.168.1.64          00-21-5a-6c-e2-c2     dynamic
  192.168.1.74          54-04-a6-89-e4-e0     dynamic
  192.168.1.75          00-27-0e-30-d5-ba     dynamic
  192.168.1.76          00-27-0e-30-d3-fc     dynamic
  192.168.1.78          00-26-b9-7d-ce-b3     dynamic
  192.168.1.80          00-1c-c0-28-ea-f8     dynamic
  192.168.1.203         00-16-35-c2-aa-7e     dynamic
  192.168.1.205         00-17-08-54-fa-88     dynamic

C:\Documents and Settings\Administrator>

Documents and Settings\Administrator>ipconfig -all

windows IP Configuration

Host Name . . . . . . . . . . . . : sa-ortho
Primary Dns Suffix  . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

ethernet adapter Local Area Connection:

Connection-specific DNS Suffix  . :
Description . . . . . . . . . . . : HP NC7781 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-17-08-57-96-38
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.253
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.203

========================================================================
from working server
C:\Documents and Settings\Administrator.DRSMITH>ipconfig

Windows IP Configuration

   Host Name . . . . . . . . . . . . : sa-imgserver
   Primary Dns Suffix  . . . . . . . : drsmith.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : drsmith.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : HP NC7781 Gigabit
   Physical Address. . . . . . . . . : 00-17-08-54-EE-5F
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.230
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.203


C:\Documents and Settings\Administrator.DRSMITH>arp -a

Interface: 192.168.1.230 --- 0x10003
  Internet Address      Physical Address      Type
  192.168.1.1           00-1a-2f-ee-2b-6c     dynamic
  192.168.1.75          00-27-0e-30-d5-ba     dynamic
  192.168.1.203         00-16-35-c2-aa-7e     dynamic
  192.168.1.205         00-17-08-54-fa-88     dynamic
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
traoherCommented:
Can you also do a

route print from both servers?
0
 
ronembrissCommented:
hey,
how many NICs  are installed on your server that has issues?
If they are two, Disable one of them, probably the one that you don't use in order to isolate the problem.

i have found that some servers prefer one NIC to the other if both are enabled.
0
 
pyranetukCommented:
Can you ping 192.168.1.1 from the none working system, do you get replies?

After that can you do another arp -a from same system and post results. that address is missing from your previous results.
0
 
c45Author Commented:
yes i get replies from pinging 192.168.1.1

arp-a results after pinging

Interface: 192.168.1.253 --- 0x10003

  Internet Address      Physical Address      Type

  192.168.1.1           00-1a-2f-ee-2b-6c     dynamic

  192.168.1.74          54-04-a6-89-e4-e0     dynamic

  192.168.1.76          00-27-0e-30-d3-fc     dynamic

  192.168.1.203         00-16-35-c2-aa-7e     dynamic

  192.168.1.205         00-17-08-54-fa-88     dynamic
0
 
traoherCommented:
Still need the route print from both systems.
0
 
c45Author Commented:
sorry traoher for the delay, here you go;


Good Working Route

C:\Documents and Settings\Administrator.DRSMITH>route print

IPv4 Route Table

========================================================================

Interface List

0x1 ........................... MS TCP Loopback interface

0x10003 ...00 17 08 54 fa 88 ...... HP NC7781 Gigabit Server Adapter

======================================================================

=======================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.205     20

        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1

      192.168.1.0    255.255.255.0    192.168.1.205    192.168.1.205     20

    192.168.1.205  255.255.255.255        127.0.0.1        127.0.0.1     20

    192.168.1.255  255.255.255.255    192.168.1.205    192.168.1.205     20

        224.0.0.0        240.0.0.0    192.168.1.205    192.168.1.205     20

  255.255.255.255  255.255.255.255    192.168.1.205    192.168.1.205      1

Default Gateway:       192.168.1.1

======================================================================

Persistent Routes:

  None


+++++++++++++++++++++++++++++++++++++++++++++++++++++++

non working route

C:\Documents and Settings\Administrator>route print


IPv4 Route Table

=======================================================================

Interface List

0x1 ........................... MS TCP Loopback interface

0x10003 ...00 17 08 57 96 38 ...... HP NC7781 Gigabit Server Adapter

=======================================================================

=======================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.253     20

        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1

      192.168.1.0    255.255.255.0    192.168.1.253    192.168.1.253     20

    192.168.1.253  255.255.255.255        127.0.0.1        127.0.0.1     20

    192.168.1.255  255.255.255.255    192.168.1.253    192.168.1.253     20

        224.0.0.0        240.0.0.0    192.168.1.253    192.168.1.253     20

  255.255.255.255  255.255.255.255    192.168.1.253    192.168.1.253      1

Default Gateway:       192.168.1.1

=======================================================================

Persistent Routes:

  None
0
 
traoherCommented:
First of all, you have way too many IP address on the same subnet.  You do not need them.  If you remove them all except one, it should work.

If you insist on running all interfaces because you have other apps listening on those IP, addresses, change your route as

route change 0.0.0.0 mask 0.0.0.0 192.168.1.1 metric 1 if 0x1003
0
 
c45Author Commented:
Hi, seeing that I am just stepping into this mess I dontk now if those IPs are needed or not, I tried your command and i got the following:

the route specified not found
0
 
traoherCommented:
try it without  "if 0x1003"
0
 
c45Author Commented:
no joy on internet access after the route change

here is the latest with the update route

IPv4 Route Table

===========================================================================

Interface List

0x1 ........................... MS TCP Loopback interface

0x10003 ...00 17 08 57 96 38 ...... HP NC7781 Gigabit Server Adapter

===========================================================================

===========================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.253      1

        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1

      192.168.1.0    255.255.255.0    192.168.1.253    192.168.1.253     20

    192.168.1.253  255.255.255.255        127.0.0.1        127.0.0.1     20

    192.168.1.255  255.255.255.255    192.168.1.253    192.168.1.253     20

        224.0.0.0        240.0.0.0    192.168.1.253    192.168.1.253     20

  255.255.255.255  255.255.255.255    192.168.1.253    192.168.1.253      1

Default Gateway:       192.168.1.1

===========================================================================

Persistent Routes:

  None
0
 
traoherCommented:
install wireshark and perform some packet captures.  Once you know which interface the packets using, you can focus on it.
0
 
pyranetukCommented:
What router are you using? Have you checked the firewall on it in case there are any rules blocking outbound traffic on that IP? You could test by changing the IP of the server to something else temporarily.
0
 
smckeown777Commented:
Can you access the gateway? I see you can ping it but wondering if its accessible

I mean browse to http://192.168.1.1? 
Just to see if the internal network connection is at least working...

What happens if you run this command from the server

tracert 8.8.8.8

Can you show the output from that please?
0
 
c45Author Commented:
ok guys, changing the ip on that server let me get on the internet.  I am not sure what the ramifications of doing that are, whither there are NAT related to the old one , I am sure I will find out pretty quick.

I am thinking the previous admin may have blocked that machine from going out on the net because it has the info stored on it.

now if i can figure out the NATS etc I should be able to get it back on line.
0
 
traoherCommented:
lol amazing how some people assigns point.  it's cool though.
0
 
pyranetukCommented:
Well did I not suggest it could have been a firewall blocking outbound based on that server IP and it looks as though that may be the issue.
I would now suggest looking at the firewall rules outbound for anything based around that IP address.
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

  • 7
  • 6
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now