Solved

Windows 2003 Server Relocated - Packets sent none received

Posted on 2013-01-27
17
501 Views
Last Modified: 2013-02-01
Hi all,
      Yesterday, I relocated our company's mail server, running Windows 2003 R2 in a domain with a static IP #. While the PDC is working just fine in the new location and new gateway, this mailserver is not happy. The OS says it is connected in "Network Connections", but can not ping anything other than itself, does not access the internet, and can not acquire an IP from the Router (anAT&T router/modem) in DHCP mode. It shows numerous packets sent and 0 received. I have tried repairing the connection, re-installing the NIC driver, installing a new NIC, switching cables and switch ports, and flushing DNS. I do need to get this up and running by Monday. What else can I try? Thanks for any help.
0
Comment
Question by:PCGenieLA
  • 8
  • 6
  • 3
17 Comments
 
LVL 12

Expert Comment

by:TomRScott
ID: 38824885
Try a static IP, at least as a diagnostic.

I normally assign static IP addresses to servers anyway. However, if you wish to use DHCP for a non-Exchange mail server, using a static during diagnostics would eliminate some of the questions.

 - Tom
0
 
LVL 20

Expert Comment

by:CompProbSolv
ID: 38824904
I agree with the comments about using a static IP.

If the mailserver worked before the move and no changes were made to it other than moving it, this points to a simple physical connection problem.  Plug a workstation into the jack that the mailserver is presently connected to and see if it can ping the router, internet, etc.  This will identify if all is well up to that point.

When you have that workstation connected, run the following and post the output here:

start
run
cmd
ipconfig /all
exit

Reconnect the mail server, configure the static IP, then run those same commands above and post the results.

I would also suggest posting the results of:
tracert 4.2.2.2
0
 

Author Comment

by:PCGenieLA
ID: 38824947
You guys misunderstood. Of course, I usually use a static IP, and I tried a static IP at first, but then just tried DHCP to see if there was any communication with the DHCP server in the router. And of course, I also tried a workstation on the same port and the same hub and it works fine. I think this all points to something in the OS. The tracert 4.2.2.2 returns "request timed out" on all hops. The first hop is to the router 192.168.1.254 as displayed on tracert done on a workstation on the same hub. So the fact is that there is no communication between the server and the router.
0
 
LVL 20

Expert Comment

by:CompProbSolv
ID: 38825019
I am assuming that you've tried pinging local devices other than the router without success and that there are only switches between those devices and the mail server.  Assuming that this is correct, it implies that the problem is not with the router.

Is the switch to which the mail server is connected a "smart" switch?  Is there any chance that there is a VLAN setup or some other filtering?

When you ping, do you see activity on the switch indicating that the packets are actually getting there?

I am also assuming (ipconfig /all output would confirm) that you have proper IP address settings on the mail server.

When you moved the mail server, did you do anything to it other than shutting it down, moving it, and starting it back up?
0
 

Author Comment

by:PCGenieLA
ID: 38825344
Your  assumptions are correct: Pinging other devices yielded no results- "requests timed out". I even connected the mail server directly to the router andthis yielded the same results. Thus, I bypassed any and all switches. I checked the activity lights on the NIC, both new and old. They both showed activity for each ping and for each Tracert. The only possible issue that I haven't addressed is the manner of the shutdown. It was a hard shutdown using the power button, since I had no keyboard and monitor. However, since restarting, the OS has behaved entirely nromally, except for the present issue.
0
 

Author Comment

by:PCGenieLA
ID: 38825370
FYI,
IPCONFIG /ALL yields the following:
Host Name: RaidServer
Primary DNS Suffix: homeoffice.jskent.com
Node Type: Broadcast
IP routing enabled: yes
WINS proxy enabled: yes
DNS Suffix Search List:  homeoffice.jskent.com
                                            jskent.com

Ethernet adapter Local Area Connection 3
Connection Specific DNS Suffix:
Description:  Realtek RTL8169 Gigabit Ethernet Adapter
Physical Address: 08-60-6E-CE-0E-21
DHCP Enabled: no
IP address: 192.168.1.175
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.1.254
DNS Servers: 4.4.4.2
                     192.168.1.11


192.168.1.11 is the IP of the transplanted PDC.
0
 
LVL 12

Expert Comment

by:TomRScott
ID: 38825401
Try using the same cable used by the successful workstation by disconnecting it just from the workstation (never disconnecting the cable from the switch) and connecting it to the server.

Then attempt the ping again.

This will assure a known good switch port (with same VLAN, per CompProbSolv's suggestion) and a known good Ethernet cable.

 - Tom
0
 

Author Comment

by:PCGenieLA
ID: 38825519
I switched the cables as you suggested and got no surprises. That is, the cable from the good workstation, plugged into the same switch as the server, yielded "request timed out" when plugged into the server. Conversely, the ping result from using the cable from the server on the good workstation yielded normal results. In all cases, the ping results on server are normal when  I ping either its IP# or 127.0.0.1, but not with any other address.
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 20

Expert Comment

by:CompProbSolv
ID: 38825580
Unrelated to your present problem, I'd suggest getting rid of 4.4.4.2 as the primary DNS and only have the local DNS referenced.

I've got to ask another obvious one: Is there any chance that there are two network connections on the server and you are using a different one than before?  That wouldn't explain some of your results, but important nonetheless.

Any chance of some "crud" (dust ball or whatever) getting in the network jack during the move?

I'd consider deleting the network card in Device Manager and reinstalling it.  I'd also try:
netsh ip reset resultfile.txt

I have a couple of USB-to-Ethernet adapters on hand.  If you have such things, I'd try connecting one of them and see if that works.  Otherwise, do you have a suitable internal NIC that you could try?  I'd be trying to isolate a hardware problem with the NIC with some sort of software issue.

You could also try booting a Linux CD or a Bart PE CD to see if the NIC works properly there, but you may have more trouble getting the proper NIC drivers than this test is worth.
0
 

Author Comment

by:PCGenieLA
ID: 38825615
I tried the 4.4.4.2 DNS just as test. The fact that we have been dealing with IP# and not domain names makes this issue unimportant.
I did check the physical condition of the ethernet port-- nothing amiss. I also disabled the onboard NIC I was using and installed a new PCI NIC. The driver installed just fine. Happy in Device Manager.
 As to netsh command, there is no "IP reset" subcommands. There is ipsec, as in netsh ipsec. Can you please check this command and clarify what you're looking for?
0
 
LVL 20

Expert Comment

by:CompProbSolv
ID: 38825628
re: 4.4.4.2: agreed that this is unimportant for the current issue.

I'm assuming that the PCI NIC shows the same lack of connectivity.

As far as the netsh command, I was close!  Try:
netsh int ip reset resultfile.txt

(If you want to know more about this, take a look at: http://support.microsoft.com/kb/317518 )
0
 
LVL 12

Expert Comment

by:TomRScott
ID: 38825680
BTW:  DNS 4.2.2.2 not 4.4.4.2.  Unimportant now while trying to just ping, but critical once that hurdle is passed.

PCGenie has an excellent point. A REALLY common mistake on servers that often have multiple NICs.  I've done that several times on multiple NIC workstations (and, I admit, on a server or two as well).

Look for another NIC on the server and try that.

 - Tom
0
 

Author Comment

by:PCGenieLA
ID: 38827264
"Eureka" is Greek for "I Found it", but what is Greek for "I found part of it"? I happened to check the router and noticed that the working workstation had TWO connections, one wired and one wrieless, but the wired connection was inactive. Turns out the wall jack to that room was not working: the workstation was working, but wirelessly. I relocated the server and the switch and it works-- sort of. It now accesses the internet and can ping all other machines, but 1) other machines cannot ping the server, and 2) it cannot send or receive email. Regarding 2) I suspect a router issue. What protocols should be allowd through the router beside smtp and pop3?
0
 
LVL 20

Expert Comment

by:CompProbSolv
ID: 38827765
Good to hear that you got past the basic connectivity problem.  It's not clear how a disconnected wall jack would get in the way when you "connected the mail server directly to the router", but we can leave well enough alone.

As far as other workstations pinging the mail server, do we know that this worked before the relocation?

What sort of mail server is this?

If this is a new ISP, do you know if they block port 25?
0
 

Author Comment

by:PCGenieLA
ID: 38828078
Yes, pinging worked before amongst all computers.

This mailserver is running Mailtraq

Yes this is AT&T, the old ISP was Verizon. I don't believe they block port 25 because the router allowed me to open SMTP and POP3 through the router to the server.
0
 
LVL 20

Accepted Solution

by:
CompProbSolv earned 500 total points
ID: 38828176
It is very common for ISPs to block port 25.  The fact that the router allows you to open up the port is no indication of anything as far as what the ISP allows through.

This doesn't explain why POP3 doesn't work, though.

I'm not much of a mail expert and haven't run into Mailtraq at all.  Does it have any logging to help?
0
 

Author Closing Comment

by:PCGenieLA
ID: 38843907
I guess the use of an AT&T dsl connection isn't the most conducive to mail servers and domain setups. I think you're right about port 25 being blocked, and that together with the use of a dynmaic IP for public address, makes mail service at this location problematic. So, since this is just a temproary location, for a couple of weeks, I'll use alternative services.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now