Solved

My domain can't access other domain's website

Posted on 2014-03-02
46
551 Views
1 Endorsement
Last Modified: 2014-03-05
Hi experts,

This is a very difficult issue. Or at least it seems like. There is a domain amazingcharts.com, which can be reached via http://amazingcharts or http://www.amazingcharts.com or just www.amazingcharts.com. You can even reach it using .net.

Now here is the issue, and I will try to make it easy to follow.

1. Every other domain or computer I have tried can reach all sites. In other words, I have three friends using their computers or networks, and they can reach the sites. I can reach the sites from my cell phone and from my house using LMI to remote there. So, obviously, the sites are up and running.

2. No computers on my network including the server can access these sites using multiple browsers such as I.E. and Firefox.

3. The same computers can access EVERY other site it tries.

4. I have done a dnsflush on the servers and computers. I have rebooted all computers. I have rebooted the server. I have done an nslookup, although I don't really know what I am looking for. I have rebooted the router and modem. Another office here uses Time-Warner as well, and he can get to the site.

I cannot ping amazingcharts.com
I can ping both google.com and yahoo.com

I am dumbfounded as to why I can't get to the site. I also tried changing the NIC settings so the DNS were the same as Time-Warner.

I appreciate any help.

Bert
1
Comment
Question by:Bert2005
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 25
  • 13
  • 6
  • +2
46 Comments
 
LVL 11

Expert Comment

by:Miftaul
ID: 39899309
Is there a router in the office, is there any content filtering enabled.
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39899314
There is a Cisco router. There is no content filtering. I did reboot it. I was able to access these sites on Friday. Thanks Miftaul.
0
 
LVL 58

Expert Comment

by:Gary
ID: 39899317
Any firewall blocking it?
Is it blocked in the router?
Check the URL filtering.
0
Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

 
LVL 1

Author Comment

by:Bert2005
ID: 39899320
There is no Windows firewall blocking it. Nor is it blocked in the router. These are sites I go to ten times per day, if not more. May be my most important sites.

Thanks Cathal.
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39899322
If this helps. when I type in a URL, say for yahoo.com into a browser and click submit. It instantly puts that address in the URL field and it shows it is going to that URL just below it.

With these sites, the address that was there stays there, but it does say it is connecting just below it. But, it times out.

Hope that makes sense.
0
 
LVL 58

Expert Comment

by:Gary
ID: 39899324
Since no pc can access it then it points to a central point of failure - and that means the router.
Double check it for any IP/URL blocking/filtering
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39899327
OK
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39899357
There was nothing filtered in the content filter. Nothing blocked in the firewall. Nothing blocked in the Windows Firewall.

The only weird thing that should have nothing to do with it was that the date was 2010.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39899364
Your computers are on a domain using the server for DNS, which in turn probably uses your ISP for public DNS lookups.  Try on one PC changing the DNS to a totally different DNS server such as Google 8.8.8.8, run ipconfig /flush DNS and try again.  This will cause internal name resolution issues, but just do it as a test to see if it is internal DNS related or the router or ISP blocking the site.
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39899373
Thanks Rob,

I can get to the Internet such as Yahoo and MSN. But, still not to AC. I will say that it seems faster using Google's DNS.
0
 
LVL 58

Expert Comment

by:Gary
ID: 39899382
Can you ping 216.38.63.60

Maybe their server has blocked you...
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39899389
Yeah, I had put that in the question only using amazingcharts.com. I am guessing that is the IP address for that domain?

I cannot ping either one of them.
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39899394
That is interesting given I can access AC from home and my cell phone.
0
 
LVL 58

Expert Comment

by:Gary
ID: 39899396
I'm guessing your router has a static IP and maybe it is that your IP is blocked.
Wouldn't affect your home etc.

I guess just give them a call and ask...

(Yes that is the IP for the site - rules out any name resolution problems)
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39899399
I see. Well, I will give them a call in the morning. I would think I would be the last person they'd block, but... who knows. And, yes, I do have a static IP.

Thanks. I will call them.
0
 
LVL 58

Expert Comment

by:Gary
ID: 39899403
Could be many reasons that their firewall would block you.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39899408
You have mentioned before amazing charts has the ability to blacklist IP's connecting to the site, might you have been blacklisted in error?
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39899410
Yes. And, it would have to be in error. I was just talking with the vice-president of sales and operations Friday. :)
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39902238
Sorry so late. This is weird. So, I can get in using a proxy site. I did call today, and they said my IP wasn't blocked. But, this was a call to the VP, and I don't think she is that tech savvy. Besides, they could be blocking my domain, correct? Although, most would block my IP or both?

She got back to me via email rather quickly. So, I don't know how thoroughly she checked. Besides, I don't even know why they would block IPs. I asked her to try to ping my IP, but she didn't. The program, an electronic medical record, does phone home to the company. But, I don't know what reason they would have to block an IP.

The only possibility, and this seems like a long shot, is that when I did a Whois, and looked at the domain information, this one guy was the registrant and admin, etc. So, he would be fairly tech savvy. He SORT of has a reason to not like me given the last few months of asking for access to the cpanel of the user board. But, that doesn't seem like a great reason. 1. He just doesn't give it to me, and 2. He doesn't talk to me. And, if he were caught blocking me, he would likely get fired.

This is all too weird. I suppose I could talk to tech support. My guess is they would have more knowledge about how an IP could be blocked.
0
 
LVL 58

Expert Comment

by:Gary
ID: 39902315
VP - yes very likely not tech savy, and very probably does not have immediate access to the server to even check (he's the VP - ask someone else)
They wouldn't be blocking based on the domain, it would be based on the IP - your internal server might be a domain - but you accessing another website wouldn't know that
He SORT of has a reason to not like me given the last few months
don't know what to say about that.
I can get in using a proxy site
This very much indicates your IP is blocked, if it was anything else then even using a proxy IP wouldn't work
We have gone through everything else that may indicate a problem at your end and it is all turning up blank.
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39902328
Thanks. The irony is, she just emailed and Steven, the guy who may not like me, is heading up the team to look into this. Yes, they said, "Heading up the team."

Yes, talking with support or any one of those who maintain the server would be more proficient than talking with the VP, it's just that it isn't always easy to get hold of them, and I have a very close relationship with the VP. Which means she will likely do everything to figure this out.

The weird thing is, it is their best interest to give me access. I am the user board admin and am responsible for quite a few things on there including approving or declining potential applicants. So, they will have to get some other admin to do it. I can use the proxy, but that is just too clumsy to continue to use.
0
 
LVL 58

Expert Comment

by:Gary
ID: 39902333
Don't know what else to say or suggest at this moment...
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39902352
Well, I will keep you posted. You have given me a lot of information.

I know I sound pretty naïve, which is why I come here. But, if find that my IP is blocked by their firewall, that would mean that someone would have had to type it in. It doesn't just grab it. Or could they being having a problem with a certain IP and just use two octets or something?
0
 
LVL 29

Expert Comment

by:masnrock
ID: 39902545
Unless there was a flood of traffic from your IP, it should not be blocked. Generally speaking, yes you would need to specifically block it.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39903390
>>"I don't even know why they would block IPs."
You mentioned once, in years past, that there is a system in place to see if a user has multiple accounts by checking IP's.  If suspected they are blocked.  I was just wondering if you may have somehow triggered that, obviously in error.

>>"I asked her to try to ping my IP, but she didn't."
Your router will not respond to pings.  It is disabled by default, unless you have enabled it.

You have multiple public IP's, if you really need access you could change the public IP on your router, which would require you update your public DNS.
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39903451
Not sure on the first. Generally, I, as the admin, get a message from the owner of the board which states there are two people with the same IP. Usually, this is two doctors from the same practice. To be honest, I never knew what to do other than contact both to see what was up. It was mainly in place to make sure someone didn't have two different accounts.

As far as the latter, I thought of that, but everything is working fine with my network, and I would hate to change just due to their error. Not sure, if I can set up another router just for those sites.

I will look further into the first paragraph above. But, I would think if their policy was to block the IP of anyone who had duplicate IPs, then you would expect them to block it in their firewall. And, unknown to those on the thread, Steven said it was not in the firewall. Of course, given his cheery nature, he gave no explanation or ideas for me to troubleshoot it.

@mansrock  Thanks for your input.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39903498
You could set up a separate router. If doing so, on the new router; use a different public IP, disable DHCP, set the LAN to the same subnet as your existing network, different LAN IP of course, then on the PC's or in the primary router add a static route:

route  -p  216.38.63.60  mask  255.255.255.255  192.168.123.123

216.38.63.60   is the IP for Amazing Charts
192.168.123.123   is just an example, the LAN IP of the new router.

This will send just the Amazing Charts traffic via the new router
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39903677
Sounds like something you could do over your lunch break and I could do over Thanksgiving weekend, lol.

No, it actually sounds doable.

As you know, given the extra switch and the extra router for the isolated wireless, I would then have a bevy of routers. Is bevy a word.

What does the -p stand for?

As an aside, if I did all that and used the infamous x.98, and it worked, and then two weeks later it was blocked, we would have to assume something fishy was going on. :-)

Thanks Rob.

Oh, and would that router have to be connected to the switch I used to split the two Cisco routers.

Sorry, everyone, I shouldn't get into a whole new question. Last one, I promise.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39903900
Yes you would have modem => switch => 3 routers
-p = permanent.  Without it the route is removed upon reboot.
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39903922
This is something I should probably throw out there. When I try to access the www.amazingcharts.com the result is:

This page can't be displayed

Is that what one would see if their IP were blocked? Or would it be something like 404 Forbidden?
0
 
LVL 58

Expert Comment

by:Gary
ID: 39903938
Depends on what their server does
Can you do a tracert and see where you are going, from a command prompt.

tracert 216.38.63.60

Should have checked this earlier!
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39904456
Tracert.txt

I pasted it into a text and found it to format much better. Opening in a new window is really helpful.


Tracing route to ds.amazingcharts.com [216.38.63.60]
over a maximum of 30 hops:

  1     2 ms     1 ms    <1 ms  192.168.1.1
  2    11 ms     9 ms     9 ms  10.230.208.1
  3    13 ms    10 ms    11 ms  rdc-24-31-156-132.ne.east.twcable.com [24.31.156
.132]
  4    17 ms    15 ms    15 ms  rdc-204-210-69-20.ne.northeast.rr.com [204.210.6
9.20]
  5    41 ms    35 ms    35 ms  rdc-204-210-69-49.ne.northeast.rr.com [204.210.6
9.49]
  6    36 ms    35 ms    36 ms  be46.cr0.nyc30.tbone.rr.com [107.14.19.102]
  7    43 ms    33 ms    33 ms  107.14.17.216
  8    33 ms    33 ms    78 ms  unk-426d072a.adelphiacom.net [66.109.7.42]
  9    32 ms    35 ms    33 ms  xe-8-0-0.cr1.lga5.us.above.net [64.125.21.74]
 10    35 ms    34 ms    35 ms  ae1.cr2.lga5.us.above.net [64.125.29.38]
 11    41 ms    39 ms    41 ms  ae4.cr2.dca2.us.above.net [64.125.26.105]
 12    39 ms    39 ms    43 ms  xe-1-1-0.mpr4.iad1.us.above.net [64.125.31.117]

 13    50 ms    39 ms    39 ms  xe-1-1-0.mpr4.iad2.us.above.net [64.125.31.133]

 14   166 ms    43 ms    42 ms  64.125.195.222.t00883-02.above.net [64.125.195.2
22]
 15    41 ms    39 ms    39 ms  sc-sdv2910.servint.net [209.50.234.200]
 16     *        *        *     Request timed out.
 17     *        *        *     Request timed out.
 18     *        *
0
 
LVL 58

Accepted Solution

by:
Gary earned 500 total points
ID: 39904528
Yep, the request is being blocked at their server.

They do realise we are talking about the server blocking you and not some kind of login block
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39905031
I would doubt they know much of anything. I am talking to quite a few of them just now.
0
 
LVL 58

Expert Comment

by:Gary
ID: 39905038
Well tell them you've traced the connection and as soon as it hits their server it gets refused (as identified by the tracert above)
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39905041
OK.
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39905049
How do you find where it is blocked. Or show?
0
 
LVL 58

Expert Comment

by:Gary
ID: 39905057
sc-sdv2910.servint.net [209.50.234.200] is the last hop before it hits their server.
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39905063
I see
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39905262
To clarify.  That in itself doesn't prove Bert2005 is blocked as many servers and routers do not respond to ICMP requests (pings) for security reasons.  But if Cathal or I do a tracert we get a response from amazingcharts.com (216.38.63.60)
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39905286
Thanks. I will have to send a tracert from my computer along with one from an unblocked computer to show them it is blocked. I would think that this would convince them it is blocked by their firewall.
0
 
LVL 58

Expert Comment

by:Gary
ID: 39905402
I did a trace from a few servers and that was the last hop before amazingcharts, maybe I am being a bit presumptious in the hops and the tracert, but with everything else it is just pointing to an IP block
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39905425
Should be all set now

Vahan
 
IT and Special Projects
650 Ten Rod Road, Suite 12
North Kingstown, RI 02852

________________

Email I received at 11:03 pm. This is the guy I have been somewhat suspicious of for quite awhile. I actually told myself if it were to be fixed, it would very late. Of course, I also thought that if it were clear again, that this would be more evidence against them. After Vahan told AC that the firewall was not blocking me this morning, he now says it isn't. So did he spend all evening working to fix it? I doubt it. My guess is he simply was able to get private access to the firewall and unblocked me.
0
 
LVL 58

Expert Comment

by:Gary
ID: 39906478
So all good now?
0
 
LVL 1

Author Comment

by:Bert2005
ID: 39906521
Yep, except for the explanation. I will get back to you when I close the question.
0
 
LVL 1

Author Closing Comment

by:Bert2005
ID: 39908385
So many good comments. But, I think the tracert kind of put things in perspective.

Cathal, I really appreciate your help and being patient with me. I'm not very good with this stuff.

Thank you to everyone else who contributed.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question