Solved

no web browsing from any machine in the domain, but DNS works ?

Posted on 2013-11-04
10
682 Views
Last Modified: 2013-11-06
on an SBS 2011 network, no one in the office can browse the internet including the server.  mail is coming in OK, you can open a command line and ping a name and it resolves OK.

Is this something outside the building / internet provider issue that there's no web browsing?

From outside the building / network I can type in an IP address like:

http://74.53.172.88/ and that brings up a page.  Not for them.  The SBS box is single nic, doing dns and dhcp.

any thoughts?  I am calling the internet provider but figured I'd get a better / quicker answer here!
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 58

Accepted Solution

by:
Cliff Galiher earned 250 total points
ID: 39621595
If name resolution is working then my first guess is that you have web traffic being blocked. It may not be your ISP though. Check your firewall/edge router for rules that may not be allowing web traffic. It is also not entirely uncommon for a business to have a proxy server at the edge to protect web browsing, so standard web traffic is disallowed and *must* go through the proxy.
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39621643
Ah! There is a Watchguard Fireware xtm in front of everyone.  Tried logging in and got a 'Code : 5
A connection could not be established to the device.'

power cycled it for about 10 seconds (is that long enough?).

trying to get in now.

(still on hold with ISP)
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39621748
reboot did it.  thanks.  Now on hold for watchguard to see why that happened.
0
The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 250 total points
ID: 39622116
For how many devices is the Watchguard licensed?  If 10 for example and after a reboot 10 guest devices or devices on your lan connect and get registered, by MAC, no other device will be able to get to the internet.   Rebooting the device resets the counter.  It does not affect LAN traffic, just internet access.
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39628072
rob - do you know if I should see that in the web interface (how many users are licensed?).

its not unlimited / performance would just degrade but it would keep working?  now people bring in laptops, tablets, phones, etc.... let alone guests coming into the office.  how does the typical small business deal with that.  5 - 10 employees x 1 desktop x 1 - 2 phones / tablets they bring in + clients / vendors / family that come in once in a while, etc.

are there other vendors that deal with this better?  Fortinet? Isn't that 'unlimited'?  Sure a low end box can't keep up if installed in a fortune 500 site, but even if there's 40 devices on the LAN, not all are using the web at the same time (statistically on average), so for a small business the throughput isn't a big deal vs. licensed for 20 machines.

right?
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39628389
>>"rob - do you know if I should see that in the web interface (how many users are licensed?)."
I have only used the old Watchguards, but there was a place to see the registered MAC's 10 years ago.

>>"its not unlimited / performance would just degrade but it would keep working?"
It will allow unlimited LAN access but will only allow internet access to the number of licenses you have, and no one else. 100% blocked.

>>" now people bring in laptops, tablets, phones, etc.... let alone guests coming into the office.  how does the typical small business deal with that.  5 - 10 employees x 1 desktop x 1 - 2 phones / tablets they bring in + clients / vendors / family that come in once in a while, etc."
Firstly I would NEVER give an unknown device access to a business network.  Usually we have a commercial ISP account with multiple public IP's and then insert a switch between the modem and 2 Routers, the second router being for guests. This creates an isolated guest network with Internet access but no LAN access.  Commercial grade routers will allow you to do this internally without the need for a switch and second router, by creating VLAN’s.  The Watchguard XTM should allow you to do so.  If worried about licensing costs, the second router allows you to use something like a cheap Linksys for guests that has no licensing limitations.  The following site outlines this to some degree:
http://blog.lan-tech.ca/2011/05/23/create-an-isolated-network-using-one-isp-connection-and-modem/

>>”are there other vendors that deal with this better?  Fortinet? Isn't that 'unlimited'?  Sure a low end box can't keep up if installed in a fortune 500 site, but even if there's 40 devices on the LAN, not all are using the web at the same time (statistically on average), so for a small business the throughput isn't a big deal vs. licensed for 20 machines.”
Most commercial grade routers, have licensing limitations.  I am not sure about Fortinet but Watchguard, Cisco, Juniper, and others do.  Lower end units like Netgear, Linksys, and D-link do not.   Cisco for instance have licenses for 10, 50, and unlimited, and are priced accordingly.
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39628485
thanks.  yeah, OK, so there's a vlan for guests / family of employees, etc... does that count against the count of licenses?  What typically does the license cover?
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39628522
I am afraid I am not up on Watchguard licensing.  There are user licenses as well as licenses for branch VPN, mobile VPN, and security services.  However, I would think guest access counts as well, but you would be best to check with a Watchguard reseller.  It looks as if you may be able to release licenses as well as assign licenses and regain control:
http://www.watchguard.com/help/docs/edge/10/en-US/index_Left.html#CSHID=en-US%2Fauthentication%2Fusermanagement%2Fuser_lic_about_e.html|StartTopic=Content%2Fen-US%2Fauthentication%2Fusermanagement%2Fuser_lic_about_e.html|SkinName=Edge (en-US)
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39628567
THANKS!
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39628665
You're very welcome.
Good luck with it.
--Rob
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface There are many applications where some computing systems need have their system clocks running synchronized within a small margin and eventually need to be in sync with the global time. There are different solutions for this, i.e. the W3…
Network ports are the threads that hold network communication together. They are an essential part of networking that can be easily ignore or misunderstood, my goals is to show those who don't have a strong network foundation how network ports opera…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question