Link to home
Create AccountLog in
Avatar of Jon Conant
Jon ConantFlag for United States of America

asked on

Strange issue with remote offices IP address.

I have a strange issue.  Client with 2 remote offices.  Changed PC out for accounting which included ADP time clock function.  Access to remote time clocks stopped after I upgraded PC.  Checked IP from other PCs and the remote time clock IPs still don't respond.  No response from remote time clocks on the main network (100.x)

No changes at all to the ASA5520 routers that manage T1 and cable modem inputs.  No changes to routers that support T1s.  ADP was remoted in to the new PC and the tech couldn't understand VPN and the fact that main office is 100.x and remote offices were 101.x and 102.x   i am suspecting that he did something to the time clocks that has caused issue.

So all links are up...everything else is connected and pings fine.  When I ping remote time clock from main office its a no go.  When I ping from an onsite computer at the remote site, I get a response.

I am reasonably good with understanding branch office VPN but am really stumped on this.  What might have happened at the main network to have those IPs blocked?  (we rebooted routers)  or...what might have been programmed by ADP tech on their ATS240 time clocks in the IP config to have them not respond to the main office IP range?

Not only will you get points for answering this but you will have my undying gratitude.
SOLUTION
Avatar of John
John
Flag of Canada image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
It does appear that ADP did something when they accessed the new machine.

Since the accounting machine is new, it will have a different machine name to the system than the old machine. That is normal and usually transparent, but that might have affected something.

... Thinkpads_User
It would be good to be certain that the Windows firewall isn't part of the problem.  If the new system uses Windows 7 (or 8), the firewall operates a little different than the firewall in XP.  This firewall can be configured to allow access for systems on the local network, but deny access for systems on external networks.

Even though you're using a VPN, the remote sites are still using different networks (based on their IP range), which may mean the firewall is falsely detecting that the other sites are "external" networks, and therefore blocking access.

The fact that you can ping from "local" computers, but not from remote computers leads me to think the firewall may be a part of your problem.

The best way to be certain it is, or is not causing the problem is to stop the Firewall service completely.  

Control Panel -> Administrative Tools -> Services -> Windows Firewall.

This will tell you in a matter of seconds if the Windows firewall is causing the problem.  If it is the problem, you can either leave the firewall service off (disable it), or you can modify the firewall settings to allow access to the required ports.
Avatar of Jon Conant

ASKER

Thank you.  I didn't put all the troubleshooting into the notes but we did turn the firewall off(and Trendmicro AV).  Also we pinged from w2003 and wXP machines.  All were no go.  and if we pinged from the new machine to printers and servers on the remote site we did get responses.  

An associate gave me a simple step to do that will verify that it's not the network.  We are unplugging the time clock and giving a PC that is there a static IP of the time clock and we will ping that.
ASKER CERTIFIED SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
No true solution.  helped me get ADP to fix issue.