Solved

Members servers can't connect to web

Posted on 2014-10-01
12
141 Views
Last Modified: 2014-10-03
Please see my related post at http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Q_28528671.html#a40354764

My other members servers can't connect to the web. I don't see anything wrong. Here's the config on one of them. They aren't using DHCP.

I did add those servers to the dhcp reservation. I double-checked the mac address in the reservation. Would that have affected it?

   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.0.0.204(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.0.0.5
   DNS Servers . . . . . . . . . . . : 10.0.0.200
   NetBIOS over Tcpip. . . . . . . . : Enabled
0
Comment
Question by:NVIT
  • 6
  • 5
12 Comments
 
LVL 11

Assisted Solution

by:Bryant Schaper
Bryant Schaper earned 50 total points
ID: 40355305
gateway is .5 not .1?  How about firewall.  Can you show one that works.
0
 
LVL 23

Author Comment

by:NVIT
ID: 40355317
Bryant,

.5 is Gateway is the firewall
I can ping .5 and .200.
Here's an xp client that works. It uses dhcp:
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 10.0.0.32
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.0.0.5
        DHCP Server . . . . . . . . . . . : 10.0.0.200
        DNS Servers . . . . . . . . . . . : 10.0.0.200
                                            64.129.2.4
                                            64.129.2.5
0
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 450 total points
ID: 40355337
It looks like a DNS issue, since the gateway address is correct.  What happens when you try to browse by IP address?  For example, can you browse to 64.233.183.103 (one of Google's www IP addresses)?  If so, then browsing per se is not the problem.  If you open a command prompt and type "nslookup www.google.com" do you get a list of IPs?  If not, then the problem is that your DNS server is not responding.  The workstation may be able to browse because it also has public DNS server addresses in its NIC properties.  You should not need these addresses; all of your workstations and servers should be able to browse public IP addresses by using your internal DNS server address(es) as the only DNS servers.

If the DNS server is the problem, then either (a) you have forwarders configured on your DNS server properties that are not working; or (b) you have no DNS forwarders and the root hints are also missing, which would cause your DNS server to be unable to resolve any external IP addresses.
0
 
LVL 23

Author Comment

by:NVIT
ID: 40355371
Hello hypercat,

I much appreciate your quick and helpful response. I'm a part-time admin so I hope you don't mind walking me through.

As I mentioned in my other post, my dhcp server died. I added a new dhcp server yesterday, so I think that's a factor. That and or like you said, my dns server.

I did the browse and nslookup. Let me know if you need more info.

I can't browse via 64.233.183.103

Here's the nslookup response.

nslookup www.google.com
Server:  d2j7jsr1.rnsha.com
Address:  10.0.0.200

Non-authoritative answer:
Name:    www.google.com
Addresses:  2607:f8b0:4007:805::1014
          74.125.224.115
          74.125.224.116
          74.125.224.114
          74.125.224.112
          74.125.224.113

What should I check next?
0
 
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 450 total points
ID: 40355432
Ok, so you are getting name resolution doing an nslookup, so that indicates that your DNS server is resolving external names.  Your servers aren't using DHCP, so the change in your DHCP server should not be causing any problems for the member servers.  Try browsing using the IP addresses that you got from the 10.0.0.200 server.  For example, open your browser and try browsing http://74.125.224.115 and see what you get. When I browse from here using that IP, it brings up the Google search page, so if it doesn't work for you, then we're back to looking at something other than DNS causing the browsing issue.

Other things to check if it still doesn't work:  Is the Windows firewall on the server turned on, and if so, is it blocking port 80?  I'm assuming these servers aren't multi-homed, but if they are that could also be a cause of browsing issues if not configured properly.  Also check your perimeter firewall configuration.  Is it configured to block browsing traffic (port 80) for the server IP addresses?

As another test, change the configuration on one of your workstations to remove the external DNS server addresses so that the only DNS server address it has is the 10.0.0.200 one.  Can that workstation browse after that or not?
0
 
LVL 23

Author Comment

by:NVIT
ID: 40355958
I browsed to http://74.125.224.115, the Google search page. It worked.

This is bizarre... and frustrating.

The subject server can now (at least for now) browse via the domain names e.g. www.google.com, news.google.com

The ability to browse or not seems to be happening sporadically at various clients, including the member servers. Sometimes it works. Sometimes it doesn't.

I should add that the crashed dhcp server options had a voip server entry that I set when we installed the voip phone system a few years back. The phone installer had me reserve addresses for their voip server and voip switch. In addition, he had me enter some info into our dhcp server. I only have a picture of the entry (attached). The picture shows the following:

Server Options, General tab, Available options, the entry says: 156 VoIP FTP Server. Under Data entry, String value, it says: ftpservers=10.0.0.100.

10.0.0.100 is their VoIP server, which is a desktop computer sitting in our rack.

I don't remember how I entered it. I may have created a registry entry for this because I don't see it when browsing the Server Options, General tab on the new dhcp server.

I don't know if it has any bearing on the problem but I mention the above because the phones are also on dhcp. The voip server and switch were both connected to the lan while I installed the new dhcp server. I think they are getting leases.

I didn't do your last test yet, i.e. change the configuration on one of your workstations to remove the external DNS server addresses so that the only DNS server address it has is the 10.0.0.200 one.
IMG00000441.PNG
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 40356935
Not sure this will fit exactly your situation with the voice VLAN, but here's an example of how to set the DHCP options for VOIP:

http://www.virtuallyimpossible.co.uk/%ef%bb%bfpredefined-dhcp-options-for-voip-on-server-2008-r2/
0
 
LVL 23

Author Comment

by:NVIT
ID: 40357349
hello hypercat,

Thanks for the suggestion. This one pertains to our need: http://community.spiceworks.com/how_to/show/93302-shoretel-configuring-dhcp-scope-option-156-in-windows-server-2008-r2

Still, our phone installer is coming in to help resolve that.
0
 
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 450 total points
ID: 40357384
Sounds like it could even be an internet service provider issue, i.e., intermittent disconnects at the modem or perimeter router.  However, we probably should also check the DNS properties.  On the DNS server, open the DNS management console, expand so that you can see your server name, then click on the server name and right-click and select Properties. Please do a screen capture of the Forwarders tab and the Root Hints tab and post them.
0
 
LVL 23

Author Comment

by:NVIT
ID: 40357969
Hi hypercat,

The majority of issues seem to be resolved. Please see my last post on
Dead 2003 DHCP server
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Q_28528671.html
0
 
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 450 total points
ID: 40358004
Per your comment on that question, if you're going to use any external DNS servers, they should be entered into your DNS server properties as forwarders, as you said, not added to the list of DNS servers on your clients.  This makes queries more efficient, since your DNS server will resolve unknown (i.e., external) hosts by using the forwarder(s) and then will cache the information it receives. So, for frequently used websites, name resolution will be quicker because it is cached on the local server.
0
 
LVL 23

Author Closing Comment

by:NVIT
ID: 40360856
I'd like to thanks everyone's help, particularly hypercat, for the detailed responses. In the end, I don't know which fixed it exactly but it seemed to be a combination of power cycling the ISP's modem, our firewall, reseating cables to same, and power cycling the switches.

Aloha!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip is around source server preparation. No migration is an easy migration, there is a…
Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now