Can't Access company website through workstations

I suddenly have had an issue accessing our website internally from workstations.  It's something i'm not sure what is happening.  No changes were made on our servers.  I'm able to access the website externally and also through my servers,  but workstations can't resolve the DNS, apparently, although I'm able to telnet, nslookup, tracert.  Anyone able to help troubleshoot this one?
dohrmannAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Patrick BogersDatacenter platform engineer LindowsCommented:
Hi

Did you look in the right DNS forward lookup zone, is the right A record present there?
dohrmannAuthor Commented:
Yes, the correct A record is there for www.  I also changed this around, playing around and found that if it wasn't there the servers wouldn't be able to access the website.  Putting back in allowed the servers to access the website after a flushdns cmd.
Patrick BogersDatacenter platform engineer LindowsCommented:
But workstations can't? Are they in the same domain?
Virus Depot: Cyber Crime Becomes Big Business

The rising threat of malware-as-a-service is not one to be overlooked. Malware-as-a-service is growing and easily purchased from a full-service cyber-criminal store in a “Virus Depot” fashion. View our webinar recording to learn how to best defend against these attacks!

dohrmannAuthor Commented:
Yes, all in the same domain.
Patrick BogersDatacenter platform engineer LindowsCommented:
Then workstation either use a different DNS server like 8.8.8.8 or they have entries in their hosts file i assume, did you check?
dohrmannAuthor Commented:
We don't use entries for the website in the host file, although I tried.  I also changed to the DNS of 8.8.8.8 and nothing changed.
Patrick BogersDatacenter platform engineer LindowsCommented:
Hi

Offcourse not, 8.8.8.8 is Google's DNS server.

What DNS is configured on the workstations? run->      ipconfig /all
PerarduaadastraCommented:
What version of Windows server are you running?
dohrmannAuthor Commented:
I think we may need to think outside the box a little on this one.
My DNS server is running SBS2011, but other servers that run 2008R2 can still access.

My ipconfig is pretty standard.  
IPv4: ie. 192.168.0.247
Subnet: 255.255.255.0
Default: 192.168.0.1
DNS: 192.168.0.247
192.168.0.252

Ive attached a screenshot though.
Screen-Shot-2014-01-13-at-12.48..png
Patrick BogersDatacenter platform engineer LindowsCommented:
I see 2 DNS servers, are they replicating? In other words, do both have the A record for the forward lookup zone?
dohrmannAuthor Commented:
They are replicating, and yes, they both have the A records.  The .252 is my DC02.
Patrick BogersDatacenter platform engineer LindowsCommented:
Hmmm nasty bugger.

If you logon to a server which can resolve the website and open a dos prompt and type:

echo %LOGONSERVER%

Same on a machine that cannot resolve, is there a difference?
footechCommented:
Assuming you allow pings to the website, if you ping the name of the website and it returns the correct IP, then this is not a DNS issue.  The results from tracert already seem to confirm this.
I would be looking at things like proxy configuration, browser settings, etc.  Have you tried different browsers?  Have you tried browsing just by IP?  What message do you get when you try to reach the site?
dohrmannAuthor Commented:
Hmmm..got a little different result that what I remember doing before.  1 - echo %logonserver% produces the same results for everything.  2 - I tried browsing to the site with just the IP and it gave me a default website page error.  I also did this externally and it came back the same thing.  I've attached what I received.  3 - Yes, I've tried different browsers, Mac's, PC's.  I don't have proxy configuration.
Screen-Shot-2014-01-13-at-2.39.0.png
footechCommented:
Just for completeness, would you mind providing a screenshot of pinging the name?
What error message do you get when you try to browse to the site by name on a workstation?

So under IE Internet Options > Connections tab > LAN settings, it looks like this?
LAN settingsAnd it's the same with the servers?

Any chance of your network firewall blocking traffic?
With the wide variety of clients that aren't able to reach the site, it feels more like you have some configuration that applies to the servers which allows them to be successful, rather than something which is blocking the workstations.
Patrick BogersDatacenter platform engineer LindowsCommented:
Hi

The error posted shows a public ip, and i get the same error on ip as on DNS.
Then again, we get the reaction from the default website so it is working.

From servers you get a different response you say what makes me believe there is an authentication check what is failing, what does the logfile of the website tell you?
dohrmannAuthor Commented:
Footech:
I can ping from the server, with the screen shot attached.  The workstations, I can't (request timed out).  I feel like there is something allowing servers through like you said, but I am not sure where to find anything like that.    I have looked at the firewall and nothing seems to be blocking, and again, I never changed anything that would initiate that.  Yes, the Lan settings are the same from the screen shot that you showed.  When trying to access the website on workstations, it simple says page can't be displayed.

Patrick: Not sure what you want from the log.  Can you explain further what you are looking for and where?
Screen-Shot-2014-01-14-at-7.52.5.png
dohrmannAuthor Commented:
As an update to this: I'm in the process of working with the hosting company.  I believe that it has to do with them blocking our static IP address that we are using for our workstations.  The servers are on a different block of static addresses that we have and that would explain why they are getting through and all workstations that are on the same static are not getting through.  I'll keep you posted.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Patrick BogersDatacenter platform engineer LindowsCommented:
Hi,

The log will show more information as to why i got an error visiting your website. (*edit* offcourse when this was a internally hosted website)

I dont understand the hosting thing, i browse to the page, see a redirect to a cgi-bin area and get a website error. Seems to me access has been granted allready but something else went wrong.

Ahhh i read,
websites internally
making me believe you have an external portal and a internal portal hosted locally :)
footechCommented:
Well, I was right about it not being a DNS issue, but that's a minor point so no objection from me.  :)
dohrmannAuthor Commented:
Found out that the web hosting company had been blocking our IP.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Internet Protocols

From novice to tech pro — start learning today.