We value your feedback.
Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!
Course Of The Month
1 day, 16 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Can't access outside websites sometimes
Posted on 2013-12-12
Hello experts,
I have an issue with outside webpages not coming up (google, yahoo, Microsoft…etc.)
Last two weeks we have been having a random hand full of users that fire up there computers in the morning and all is good, then later in the morning or midafternoon they can’t access any outside webpages. Can access inside (internally hosted websites) webpages. And not always the same users.
We have two internal DNS servers (2008 R2) that have been running smooth for a couple years now with no major updates or configurations. The only DNS logs on server show is an invalid domain name packet that is reject every now and then. I have restarted DNS services on server, Restarted DNS servers.
When this happens to the users, I can still ping the outside world from client (google, Microsoft …etc.), even get an nslookup. But no outside webpages come up. (just blank white page saying “Can’t find webpage”)
At first I thought this was related to Internet Explorer 11, but couple days later users with 9, and 10 started having the same issue. (all users are windows 7 boxes)
Ipconfig all looks good on clients (show right gateways and DNS servers, and good DHCP IP addy).
On the client I have tried just about everything I can think of, including:
Flushing cache
Cleaning out temp files (%temp%)
Scan clients for viruses\malware (Antivirus\malwarebytes) "negative"
Nslookup (good)
Flushing client DNS
Registering client DNS (ipconfig /registerdns)
Disable/enable network adapter
Updating network adapter driver
Installing a second network adapter card
Shutting down computer (hard shutdown), restarting
Checking system files (System File Checker – sfc /scannow)
We are using Internet Explorer ( I know, there is better, faster – It is what the our vendors support)
Not wanting to make this a “chrome, firefox” shootout….feels more like a DNS issue somehow, but can’t figure it out.
Everything works fine for everyone else, just these random few, and always different users.
We are not running a firewall inside and client firewalls are turn off. We have a Cisco firewall coming into domain (nothing change here – even restarted router and switches).
Bottom line, everything works good except for 1-2 hours in the day, some in the morning and some in the afternoon. And always just a few users.
Looking for any help……Let me know if you need any more info.
Any Ideas?
Thanks in advance.
Fubr
I have an issue with outside webpages not coming up (google, yahoo, Microsoft…etc.)
Last two weeks we have been having a random hand full of users that fire up there computers in the morning and all is good, then later in the morning or midafternoon they can’t access any outside webpages. Can access inside (internally hosted websites) webpages. And not always the same users.
We have two internal DNS servers (2008 R2) that have been running smooth for a couple years now with no major updates or configurations. The only DNS logs on server show is an invalid domain name packet that is reject every now and then. I have restarted DNS services on server, Restarted DNS servers.
When this happens to the users, I can still ping the outside world from client (google, Microsoft …etc.), even get an nslookup. But no outside webpages come up. (just blank white page saying “Can’t find webpage”)
At first I thought this was related to Internet Explorer 11, but couple days later users with 9, and 10 started having the same issue. (all users are windows 7 boxes)
Ipconfig all looks good on clients (show right gateways and DNS servers, and good DHCP IP addy).
On the client I have tried just about everything I can think of, including:
Flushing cache
Cleaning out temp files (%temp%)
Scan clients for viruses\malware (Antivirus\malwarebytes) "negative"
Nslookup (good)
Flushing client DNS
Registering client DNS (ipconfig /registerdns)
Disable/enable network adapter
Updating network adapter driver
Installing a second network adapter card
Shutting down computer (hard shutdown), restarting
Checking system files (System File Checker – sfc /scannow)
We are using Internet Explorer ( I know, there is better, faster – It is what the our vendors support)
Not wanting to make this a “chrome, firefox” shootout….feels more like a DNS issue somehow, but can’t figure it out.
Everything works fine for everyone else, just these random few, and always different users.
We are not running a firewall inside and client firewalls are turn off. We have a Cisco firewall coming into domain (nothing change here – even restarted router and switches).
Bottom line, everything works good except for 1-2 hours in the day, some in the morning and some in the afternoon. And always just a few users.
Looking for any help……Let me know if you need any more info.
Any Ideas?
Thanks in advance.
Fubr
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
5
4
- +1
11 Comments
Active 1 day ago
Some sort of user limit, maybe? Sounds like the problem occurs when things get busy.
Maybe a router problem? Can't handle that many users?
Maybe a router problem? Can't handle that many users?
If you can ping yahoo.com from a command prompt on the PC, that means you can resolve the name, so it does not sound like a DNS issue.
My recommendation is the next time this issue comes up, first test more than one pc to make sure this is not a local PC issue. Assuming it is all PC's, then go to one of the PC's and first ping yahoo.com and see if it resolves the name to an IP and responds, assuming it does then try to telnet to port 80 in yahoo.com e.g. telnet yahoo.com 80 and see if it connects. If it connects the issue is browser specific, but if it does not, then something is blocking access to your ports when the issues arise. It could be you firewall, router, a proxy or it could be the local Windows firewall or antivirus causing the issues. I would start with the local PC and work you way forward. Turn those services off an retest.
My recommendation is the next time this issue comes up, first test more than one pc to make sure this is not a local PC issue. Assuming it is all PC's, then go to one of the PC's and first ping yahoo.com and see if it resolves the name to an IP and responds, assuming it does then try to telnet to port 80 in yahoo.com e.g. telnet yahoo.com 80 and see if it connects. If it connects the issue is browser specific, but if it does not, then something is blocking access to your ports when the issues arise. It could be you firewall, router, a proxy or it could be the local Windows firewall or antivirus causing the issues. I would start with the local PC and work you way forward. Turn those services off an retest.
Active 1 day ago
Just to clarify, when you say you can "ping the outside world" do you mean ping by domain name or ping by IP address? If the former, it is not a DNS issue as terces says. I had assumed you had meant the latter.
Have you tried a tracert?
Have you tried a tracert?
Active today
How you get internet on client computers ?
Through internal DNS servers and if they are forwarding queries to public DNS servers (ISP) ?
Please check with ISP about problem as I don't think there is any issue with your end
Some times DNS name resolution works perfectly but link may get chocked and become very slow so that you will face slow intrent connectiivty intermittently on random no of clients
Also check if anybody in office is using link heavily for some downloads etc
Mahesh
Through internal DNS servers and if they are forwarding queries to public DNS servers (ISP) ?
Please check with ISP about problem as I don't think there is any issue with your end
Some times DNS name resolution works perfectly but link may get chocked and become very slow so that you will face slow intrent connectiivty intermittently on random no of clients
Also check if anybody in office is using link heavily for some downloads etc
Mahesh
Thanks for the replies.
I don't think limit issue, as we have had a bigger user base in the past (double), but I will check DHCP pool in case pool is filled up. (shouldn't be issue with router)
when I say ping the outside world, I am pinging "cox.net", "google.com" all getting replies and IP address.
clients all us DHCP, which we then have 2 internal DNS servers which forward out to COX DNS servers.
I will check with ISP.
Now I did do a trace file (wireshark), but I'm to noobie with it to say "ahh that's the problem", but by the color code, I think there was some bad IP packets on one of the users that was having the issue. 1.92 is the user having the issues and 74.125.255.243 is Google the user in trying to access with browser. (example enclose).
I will do some more testing to see if I can find out any thing more.
I did rotate the order of forwarding DNS servers, maybe help going to different server first.
Thanks, I will let you know of any updates.
Fubr
WiresharkCap.png
I don't think limit issue, as we have had a bigger user base in the past (double), but I will check DHCP pool in case pool is filled up. (shouldn't be issue with router)
when I say ping the outside world, I am pinging "cox.net", "google.com" all getting replies and IP address.
clients all us DHCP, which we then have 2 internal DNS servers which forward out to COX DNS servers.
I will check with ISP.
Now I did do a trace file (wireshark), but I'm to noobie with it to say "ahh that's the problem", but by the color code, I think there was some bad IP packets on one of the users that was having the issue. 1.92 is the user having the issues and 74.125.255.243 is Google the user in trying to access with browser. (example enclose).
I will do some more testing to see if I can find out any thing more.
I did rotate the order of forwarding DNS servers, maybe help going to different server first.
Thanks, I will let you know of any updates.
Fubr
WiresharkCap.png
Sorry for the delay….was on vacation for holidays.
Got back Monday the 6th, and still having issues.
Did check with ISP before I left on vacation and they did have different DNS servers that I didn’t have.
Look like this might fix the issue before I left.
Did single out one users and ping yahoo.com.
It resolves just fine, good ping times and resolved name to IP. Next I telnet to yahoo.com, port 80 and it connected.
Reminder, all other users are fine, and the affected users are not the same every day.
Only difference I have notice in the last 4 days is I have been able to shut down user computer, wait 10-20 seconds, start back up and they work fine. Wasn’t able to do this before, and would last 30 minutes to an hour (no matter what I did), then be fine again.
With this user, it happen at noon. Most of our internet enabled staff leaves for lunch at this time, so I would think usage would be down (bandwidth wise).
Still scratching my head
Fubr
Got back Monday the 6th, and still having issues.
Did check with ISP before I left on vacation and they did have different DNS servers that I didn’t have.
Look like this might fix the issue before I left.
Did single out one users and ping yahoo.com.
It resolves just fine, good ping times and resolved name to IP. Next I telnet to yahoo.com, port 80 and it connected.
Reminder, all other users are fine, and the affected users are not the same every day.
Only difference I have notice in the last 4 days is I have been able to shut down user computer, wait 10-20 seconds, start back up and they work fine. Wasn’t able to do this before, and would last 30 minutes to an hour (no matter what I did), then be fine again.
With this user, it happen at noon. Most of our internet enabled staff leaves for lunch at this time, so I would think usage would be down (bandwidth wise).
Still scratching my head
Fubr
Seems to be getting worst.
Went from 1-2 people every other day to last 3 days 3-4 users per day.
Mostly different users, but last three days couple same users each day.
Can still ping outside websites by name, can trace route and get replies when this happens.
Can do the telnet (telnet yahoo.com 80) and connect.
What blows my mind is everyone else is fine, and these users are fine up till this point.
I have cisco technician coming out tomorrow to check routers and switches.
Servers show no logs to indicate anything..........
I did find logs on one user PC during this, source GroupPolicy, event ID 1055
Windows could not resolve the computer name.
And...
source NETLOGON, event ID 5719
Computer wasn't able to set up a secure session with a domain controller.
was still able to ping domain controller by name and get reply.....???
Personal I'm still thinking some kind of DNS/replication. reading the logs above, makes me think that all of a sudden this PC can't talk to DC and DC doesn't know this PC!!
But everyone else is fine and no error logs to guide me on server.
I will follow up after cisco technician comes tomorrow.
Fubr
Went from 1-2 people every other day to last 3 days 3-4 users per day.
Mostly different users, but last three days couple same users each day.
Can still ping outside websites by name, can trace route and get replies when this happens.
Can do the telnet (telnet yahoo.com 80) and connect.
What blows my mind is everyone else is fine, and these users are fine up till this point.
I have cisco technician coming out tomorrow to check routers and switches.
Servers show no logs to indicate anything..........
I did find logs on one user PC during this, source GroupPolicy, event ID 1055
Windows could not resolve the computer name.
And...
source NETLOGON, event ID 5719
Computer wasn't able to set up a secure session with a domain controller.
was still able to ping domain controller by name and get reply.....???
Personal I'm still thinking some kind of DNS/replication. reading the logs above, makes me think that all of a sudden this PC can't talk to DC and DC doesn't know this PC!!
But everyone else is fine and no error logs to guide me on server.
I will follow up after cisco technician comes tomorrow.
Fubr
Ok.....had the cisco tech go through router today (501 PIX), and turns out it "is" a license issue
(exceeding licenses)
strung hit it on the head....I would have argue this, but technician clear it up for me
We have a 50 user license, and that does not mean 50 users.
It means 50 devices!!
So every network printer, computer, server, smartphone, wireless device that has an IP or gateway configured, is talking to the router and it is logging this as a license.
Sad thing is Cisco End-of-Life these routers couple years back, so probably won't be able to upgrade the license on it. (maybe find an unlimited one on ebay)
My question now, for a work around (until I can get a new ASA) can I do a "clear local-host all" on the router?
Clearing out all local users, I would not have to restart router and break the VPN Connections (we have two sister sites connecting to our router by VPN connection)
Makes me wonder why it does not release these licenses when they are idle?
I notice when I do a "show local-host", I get a lot of computers that haven't been on the network in the last couple of months, not to mention computers that have been lock out from internet access. I'm hoping the "clear local-host all" will be a work around. If I do a "clear local-host ip-address" of some of these client devices, it frees up licensing.
Fubr
(exceeding licenses)
strung hit it on the head....I would have argue this, but technician clear it up for me
We have a 50 user license, and that does not mean 50 users.
It means 50 devices!!
So every network printer, computer, server, smartphone, wireless device that has an IP or gateway configured, is talking to the router and it is logging this as a license.
Sad thing is Cisco End-of-Life these routers couple years back, so probably won't be able to upgrade the license on it. (maybe find an unlimited one on ebay)
My question now, for a work around (until I can get a new ASA) can I do a "clear local-host all" on the router?
Clearing out all local users, I would not have to restart router and break the VPN Connections (we have two sister sites connecting to our router by VPN connection)
Makes me wonder why it does not release these licenses when they are idle?
I notice when I do a "show local-host", I get a lot of computers that haven't been on the network in the last couple of months, not to mention computers that have been lock out from internet access. I'm hoping the "clear local-host all" will be a work around. If I do a "clear local-host ip-address" of some of these client devices, it frees up licensing.
Fubr
Featured Post
Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.
One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address.
There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant.
Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
- Superb Internet
- Encryption
- E-Commerce
- SSL / HTTPS
- Cybersecurity
- Web Browsers
This Micro Tutorial will demonstrate how to add subdomains to your content reports. This can be very importing in having a site with multiple subdomains.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
Suggested Courses
Course of the Month1 day, 16 hours left to enroll
717 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.