Solved

Flaky Web Access - Internet Explorer 11 - Server 2012 R2 - Trend Services

Posted on 2014-09-03
13
435 Views
Last Modified: 2014-09-04
We need Internet access to wfbs-svc.trendmicro.com to setup Trend Micro Worry-Free Business Security Services.

Internet Explorer works for some sites like Google & Bing but not others like msn.com. I usually have to add the site to Trusted and turn on compatibility. Protected mode is turned off.

Firefox is fickle too working only on some sites.

This is a single server domain and DNS is running on the Server 2012.

I noticed that domain PCs are using the gateway rather than the DC for DNS. Maybe it realizes that the server has issues? Router is running DHCP but set to hand out the DC's ip for DNS.

I can ping sites like msn.com & cisco.com without issues
0
Comment
Question by:Randy Downs
  • 8
  • 5
13 Comments
 
LVL 56

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 500 total points
Comment Utility
Windows (nor mac nor Linux) "figure out" that a DC has issues and just choose a different DNS server. If you have PCs with different DNS settings, they are getting those settings from somewhere specific. Either someone is manually configuring them or you have a misconfigured/rogue DHCP server somewhere. And yes, if you can't trust your DHCP and DNS config then you definitely will have browser issues, since they all (Chrome, Firefox, IE, opera) rely on a healthy basic TCP/IP configuration.

So I doubt your DC has issues. I suspect this is far more basic to your network setup.
0
 
LVL 29

Author Comment

by:Randy Downs
Comment Utility
The PCs get the DNS settings from the router since it is handling DHCP and these are not static ips. The router is set to use the DC for DNS but that apparently is not getting through.

I suppose I should move DHCP to the DC but I am a little wary of making that move remotely. I suspect the network would work much better if I made that change.

Evidently the router thinks DNS should be pointed at itself so the DC setup doesn't work even though it's proper.
0
 
LVL 29

Author Comment

by:Randy Downs
Comment Utility
I suppose I could switch the server to use dynamic ips like the PCs and it might work. That’s not ideal for a server but might fit better with the current network.
0
 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 500 total points
Comment Utility
That's not a good sign. Even outside of businesses, it is pretty common and popular to set up a router to hand out Google DNS or OpenDNS for home filtering. I haven't seen a home router screw up DHCP in *years.* any router who's software is that bad is seriously unreliable. If they can't get DHCP right, they probably botched NAT table mapping too. Your issue may be the router itself.
0
 
LVL 56

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 500 total points
Comment Utility
Switching the server definitely will NOT help. You'll only be compounding the problem. AD *needs* DNS to work properly and needs to use internal DNS servers.
0
 
LVL 29

Author Comment

by:Randy Downs
Comment Utility
This is what I see on the server & client. I uploaded the router screen shot. DHCP - DNS Router
Ethernet adapter NIC1:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
   Physical Address. . . . . . . . . : 74-86-7A-EA-C0-02
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f8e0:cee7:f5fa:ceb8%12(Preferre
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 309626490
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-44-CD-67-74-86-7A-EA-C

   DNS Servers . . . . . . . . . . . : ::1
                                       192.168.1.2
   NetBIOS over Tcpip. . . . . . . . : Enabled

This is a client PC on the domain

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : A4-1F-72-6B-EB-9E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::fd77:44fc:9248:d6a6%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.134(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, September 03, 2014 6:27:39 PM
   Lease Expires . . . . . . . . . . : Thursday, September 04, 2014 6:27:37 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 245636978
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-F4-24-DF-A4-1F-72-6B-EB-9E

   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 29

Author Comment

by:Randy Downs
Comment Utility
Notes:
server is 192.168.1.2
router is 192.168.1.1
0
 
LVL 56

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 500 total points
Comment Utility
Which, again, shows the router is not using the settings it has been configured for. ...and that goes back to just bad software on the router. Making it very untrustworthy. I haven't seen a router mishandle DHCP in years. Which makes me suspect the router is of a particularly low quality.
0
 
LVL 29

Author Comment

by:Randy Downs
Comment Utility
It's not a very expensive router. It's just a small shop that doesn't do much wit their domain. My thinking is that the server should probably handle DHCP making life easier for the somewhat confused router.
0
 
LVL 56

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 500 total points
Comment Utility
Perhaps. But even inexpensive Linksys and netgear routers have done DHCP right for years. So again, if the router is getting that wrong, what else is it getting wrong? Ultimately it is your choice, of course, but switching DHCP just to find the problems didn't go away completely for browsing websites would be unfortunate. When a replacement router is such an inexpensive investment.
0
 
LVL 29

Author Comment

by:Randy Downs
Comment Utility
This is a Linksys router and I had a similar problem with a Netgear router not that long ago. Maybe a power cycle would help.

The strange thing is that only the server seems to be effected. The client PCs are constantly used for the Internet.

I probably wouldn't have even noticed the server not browsing but the previous version of Trend complained that it couldn't update.
0
 
LVL 29

Author Comment

by:Randy Downs
Comment Utility
Actually the Netgear router turned out to be OK now that I think about it. That problem was related to static ips.

I am going to see if cycling power helps. If not then router replacement may be on the horizon. Router was bought in May so should be under warranty.
0
 
LVL 29

Author Closing Comment

by:Randy Downs
Comment Utility
The customer is going to be out of the country next week so we will postpone router replacement. Thanks for your advice
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now