Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.
Course Of The Month
10 days, 3 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Weird 2008 to 2008 Issues
Posted on 2014-03-14
This is weird, i am looking at a network i have been asked to clean up after the person responsible for it walked.
There were DNS issues amongst other things, but now this has me a little stumped...
The site has:
2x 2008 AD Server
1x 2003 AD Server
1x 2000 AD Server (Yeah I know)
Alongside multiple 2003 & 2008 Member servers.
I have a weird issues were a 2008 AD Server running Backup Exec cannot talk to another 2008 Member server running SQL for backups.
Neither server can, UNC or Ping each other, yet all other servers and PCs can access both of them. It seems like there is a wall between these two server, but I cant work out why.
There are no errors in the event logs and the Firewall has been disabled by my predecessor.
Can anyone offer any clues?
There were DNS issues amongst other things, but now this has me a little stumped...
The site has:
2x 2008 AD Server
1x 2003 AD Server
1x 2000 AD Server (Yeah I know)
Alongside multiple 2003 & 2008 Member servers.
I have a weird issues were a 2008 AD Server running Backup Exec cannot talk to another 2008 Member server running SQL for backups.
Neither server can, UNC or Ping each other, yet all other servers and PCs can access both of them. It seems like there is a wall between these two server, but I cant work out why.
There are no errors in the event logs and the Firewall has been disabled by my predecessor.
Can anyone offer any clues?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
10-
10
2
22 Comments
They should be they are both on the same IP range of 10.0.0.0/24 along with the other servers.
For some reason the SQL server has a second IPv4 assigned to a single LAN adapter.
For some reason the SQL server has a second IPv4 assigned to a single LAN adapter.
I'd also check to see if there are any access lists or some other rules preventing them from talking with each other. My first theory on the Vlan is probably incorrect as all other pcs can ping both.
jocasio
jocasio
Is that second NIC plugged in? If so, is it plugged into the same switch? What kind of switch are they using?
The second nic had a 169 address so its now disabled.
for some reason there is an alt ip on the first nic it responds to both 10.0.0.30 and 201.
Not sure on the switches yet but I think you might be right.
for some reason there is an alt ip on the first nic it responds to both 10.0.0.30 and 201.
Not sure on the switches yet but I think you might be right.
Did you disable the second one? a 169 address doesn't mean it's disabled, just means it can't reach a DHCP server. Are the servers pointing to the same DNS Server?
lan 2 disabled.
there are 3 dns servers .6 .104 & .105
sql looks to 6 & 104
the ad server looks to itself (105) and 104
there are 3 dns servers .6 .104 & .105
sql looks to 6 & 104
the ad server looks to itself (105) and 104
Do you know why do they have 3 DNS servers? Did you try to do a NSLookup on each box to see what host name they have associated with each IP address? There must be something goofy going on where the packets can't be delivered because either the destination is unknown and they're being dropped, or because they're being refused. Seems weird to have 3 DNS Servers for such a small company (I'm assuming small because of the IP range size)
hi,
1. are you able to ping with IP ?
2. pls share the ping and nslookup result.
3. run "arp -a ipofanyserver" and share the result.
4. are they connected to same switch, if you are using managed switch then pls check the switch configuration.
1. are you able to ping with IP ?
2. pls share the ping and nslookup result.
3. run "arp -a ipofanyserver" and share the result.
4. are they connected to same switch, if you are using managed switch then pls check the switch configuration.
looking at the switch now. its a dell device setup but what seems to be a moron as there and so many vlans. found out that vms on 1 server are on 1 vlan and vms on another server are on another vlan.
its s mess im now thinking about tell them to start again
its s mess im now thinking about tell them to start again
There's your problem. You have to get the ports on the same VLAN. what you can do to test it is plug the server into another port on the same vlan as the other server and then try to ping it. They were probably trying to separate access based on needs, but somehow screwed it all up.
Let give these some names
AD1 cannot talk to SQL1
AD1 can talk to AD2
AD2 can talk to SQL
AD1 can talk to member1
Member 1 can talk to SQL1
AD1 is on an unknown Vlan
AD2 is on Vlan7
SQL1 is on Vlan7
Member1 is on Vlan2
All servers can talk to each other no matter which Vlan they are on, its just AD1 & SQL1 that cant talk to each other.
Its rather bizarre and a very messy setup especially since all the servers are on 1 site. Unfortunately I am not at that site and have no way to get hands on with the switch.
I can tell you that the Core switch is a Dell PowerConnect 6248P
AD1 cannot talk to SQL1
AD1 can talk to AD2
AD2 can talk to SQL
AD1 can talk to member1
Member 1 can talk to SQL1
AD1 is on an unknown Vlan
AD2 is on Vlan7
SQL1 is on Vlan7
Member1 is on Vlan2
All servers can talk to each other no matter which Vlan they are on, its just AD1 & SQL1 that cant talk to each other.
Its rather bizarre and a very messy setup especially since all the servers are on 1 site. Unfortunately I am not at that site and have no way to get hands on with the switch.
I can tell you that the Core switch is a Dell PowerConnect 6248P
I would strip away the vlans (or get an unmanaged switch and plug everything in) to see if that resolves the problem. You never mentioned what the response was for the ping from AD1 to SQL1. Does it timeout or is the host unreachable?
Sorry its destination host unreachable.
Yeah i think its more infrastructure than windows too, so i think ill call it a day on this until i can get hands on with the core switch.
Yeah i think its more infrastructure than windows too, so i think ill call it a day on this until i can get hands on with the core switch.
There may be an issue with the default gateway on AD1. Host Unreachable means the packets aren't being routed to the proper destination and being dropped. Is the default gateway the same as the other servers?
Yeah the default gateway on all devices is 10.0.0.10. The core Switch.
I have looked over the switch and cannot find any entries to say why 10.0.0.105 cannot talk to 10.0.0.30.
The Data Vlan is 7 and i can access devices on that Vlan from AD1, just no the SQL server on it.
I have looked over the switch and cannot find any entries to say why 10.0.0.105 cannot talk to 10.0.0.30.
The Data Vlan is 7 and i can access devices on that Vlan from AD1, just no the SQL server on it.
Featured Post
Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies. Only from Platform Scholar.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works
The attack works by targeti…
- The Email Laundry
- Email Servers
- Cybersecurity
- Email Protocols
- Network Security
- Security, *Phishing
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP, Windows Server…
- Ransomware
- Experts Exchange
- Windows XP
- Windows OS
- Windows Server 2008
- Windows Server 2003, Security
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders.
Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller.
Log onto the new domain controller with a user account t…
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month10 days, 3 hours left to enroll
Earn Certification
MCSA Configuring Windows 7 Exam 70-680
$49.00$44.10
623 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.