[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Cannot access barclaycardus.com website

Posted on 2014-12-09
31
Medium Priority
?
235 Views
Last Modified: 2014-12-14
I have a network that runs behind a Sonicwall TZ-215.  There is no content filtering or any other licensed protection setup on the unit.  The server using IE11 and Chrome can get to the site https://www.barclaycardus.com or juniper.com (company they merged with). The problem is that all the workstations cannot get to the site - they get " this page can't be displayed" I thought this may be a malware issue, however running RogueKiller, CCleaner, and Malwarebytes have not resolved the issue and they are running clean scans.  I also thought this may be a DNS issue, however using nslookup on the desktops and server all resolve the website name fine.  I also tried to use https://192.107.16.41 in hopes of getting a SSL certificate error, but I received the same "this page can't be displayed" message.  I checked the proxy settings and they are set to automatically detect and there are no entries under the proxy sever.  I find it hard to believe that all systems in this network are infected with something that is preventing the site from being accessed.  I am seeing many posts of people running into this same issue, but no apparent resolution
0
Comment
Question by:rbarwig
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 13
  • 9
  • 3
  • +2
31 Comments
 
LVL 19

Expert Comment

by:helpfinder
ID: 40488507
when you are pinging that web site are you receiving response?
check host files on affected machine (c:\windows\system32\drivers\etc) if you have some records (uncommented) here
try also command tracert www.barclaycardus.com where you can go and where it stops to respond
check some general GPO you vcan have applied on all machines for some suspicios setting which could do this.
do you have wifi also? what if you try to browse that web page from smartphone?
what if you try to browse the web page with some computer connected to your LAN which is not added to your domain? (if you have domain in your LAN enviroment)
try to turn off windows firewall if you can browse the web page like this
try to turn off your antivirus client on machine to test as well
0
 

Author Comment

by:rbarwig
ID: 40488520
Yes I received a response. checked for host file entries, nothing uncommented. tracert locates the site fine. I can get to the site on my phone, on my home machine, from the server that is on the LAN, and my laptop that was carried in.  I have firewall turned off on the machines I am working with.  I will check GPO
0
 
LVL 19

Expert Comment

by:helpfinder
ID: 40488528
if only computers whitin your LAN which are in the domain are affected then it looks like for some rule in your GPO or Antivirus.
If it would be a malware I do not see a reason why all workstations are infected but server(s) not, but for GPO or AV rule it could be server OU is excluded and on devices not in domain (home laptop, smartphone) is not applied.
I also assume you do not have separate VLANs, special for workstations.
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 

Author Comment

by:rbarwig
ID: 40488545
You are correct, no VLANS
0
 

Author Comment

by:rbarwig
ID: 40488582
Disabled Vipre Business (AV) and disabled GPO (with update/force.  rebooted both test workstations and still no website
0
 
LVL 19

Expert Comment

by:helpfinder
ID: 40488599
check applied GPOs with command
gpresult /R
or exported as html file with
gpresult /H c:\report.html
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
ID: 40488604
Here is a link covering a few issues with https sites giving "page cannot be displayed" that I would run through.  

http://support.microsoft.com/kb/968089

Some https sites need matching date/time set on workstations, and some add-ons may mess it up.  If you find a fix in this list above, then sounds like you need it in GPO.
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
ID: 40488611
I noticed I made my time/date way off by days and still can access, so that's probably not it.
0
 

Author Comment

by:rbarwig
ID: 40490444
I reviewed and even went as far as disabling the GPO did a GP update and even waited another 20 minutes on top of that (very small network) and the site still does not display.
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
ID: 40493031
Darn huh?

These links from EE ...

http://www.experts-exchange.com/Web_Development/Web_Services/Q_28458645.html

http://www.experts-exchange.com/Networking/Protocols/SSL/Q_28385458.html

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/MS-SharePoint/Q_28086816.html


have some similar comments you may find useful.  Since it's EE you can easily contact any expert directly to inquire about your particular situation.  Did you check on cryptographic services?

Sorry I couldn't spend more time just now.  The below excerpt is from an article and brings up cryptographic services.

Article excerpt on problems displaying https pages.
and the article is ...

http://www.experts-exchange.com/Software/Internet_Email/Web_Browsers/A_2630-Rectifying-internet-explorer-browser-problems-in-Windows.html
0
 

Author Comment

by:rbarwig
ID: 40493586
Christopher,
Thanks, ran through this last set of recommendations, still no go.  This is very puzzling.  Even the article from Ravi, sent me to a couple of settings I would not have checked, but again, no go.
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
ID: 40494094
Are the workstations plugged in?

:) Sorry, couldn't resist.

I just sent a request for help to a few experts in the links I posted above and you are copied on the request.  Haven't done it before so hope I did it correctly.  Let's see if anyone can help you out.
0
 
LVL 58

Expert Comment

by:Gary
ID: 40494140
Is it just this site or all https sites?
0
 
LVL 80

Expert Comment

by:arnold
ID: 40494151
Check the settings on the workstations in IE whether they are using proxy.
Second check whether these workstations and sight are setup in compatibility mode.

Have the user run proxycfg

another options, not sure whether IE11 also has the option to disable the friendly error message The last option on the Browsing section of internet options advanced tab "Show friendly HTTP error messages."
one this is disabled, and the browser reopened, you should get a clearer picture what is going on.
0
 

Author Comment

by:rbarwig
ID: 40494449
Gary,
It is just this site and juniper.com (the same company)
0
 

Author Comment

by:rbarwig
ID: 40494451
Christopher,
Is it a requirement to be plugged in ?  The gerbil is running as fast as he can on the treadmill to get enough power :-)
0
 
LVL 58

Expert Comment

by:Gary
ID: 40494469
Who are the workstations using for DNS?
0
 

Author Comment

by:rbarwig
ID: 40494475
the DC.  Name resolution is working fine.  nslookup find the name, ping by name and IP work fine.  In IE, the status updates from finding,  to waiting on the site in a matter of a few seconds.  As in the original post the server can bring up the site just fine
0
 
LVL 58

Expert Comment

by:Gary
ID: 40494482
And on the workstations is it the same in any browser?
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
ID: 40497902
Wondering if the gerbil is tired.

Also wondering if helpfinder suggestion about GPResult was tried.  helpfinder seemed to be on a steady progression with that course.
0
 

Author Comment

by:rbarwig
ID: 40497953
GPResult show no policies directly or in directly assigned to client systems.  As stated, created a new OU and moved clients to new OU that had no policy assigned to is and still cannot display site.
0
 
LVL 80

Expert Comment

by:arnold
ID: 40497976
What about checking the browser on the workstation connection/lan/proxy settings? Is auto proxy enabled? See whether your DNS/dhcp push proxy information.
Check add-ons to make sure they are not diverting the traffic.

After disabling the show friendly http errors, what was the displayed error?
0
 

Author Comment

by:rbarwig
ID: 40498142
All add ons are disabled, I am running IE in No add-on mode. proxy is set to auto detect.  At one point I tried with this turned off and no change running proxycfg as suggested yielded the same interface as internet options, connections, LAN setting, etc..  DHCP is not pushing a proxy, DNS is working fine as site can be be resolved.  Ping returns timed out but resolves to 192.107.16.41 which is the same site as what I get from home and the site pulls up.  I am confident that ICMP is turned off on their side and I do not get a reply from a working system nor a non working system.  The step  I attempted this morning was to install telnet and telnet to the site on port 80, from the server it connects, from the workstation it does not
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
ID: 40498156
Here is a rather good procedural account of how IE does things up to IE9 with auto proxy config.  Maybe you all know these things already but I was hoping it might provide a new clue or idea.  Maybe check the link near bottom for "retrying a bad proxy server" also.

http://support.microsoft.com/kb/271361
0
 

Author Comment

by:rbarwig
ID: 40498161
Christopher, I am uploading the results of the GP result in the event I may be overlooking something here
report.html
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
ID: 40498176
Great.  Why not.
0
 
LVL 80

Accepted Solution

by:
arnold earned 2000 total points
ID: 40498533
It is not clear whether the issue is with the system/user or the LAN/VLAN IP the user that experiences this issue versus the system that does not.
 
are you using IPs on the private network, 10.x.x.x,172.16-31.255 192.168.x.x?

Post
ipconfig /all

from a system that has issues versus one that does not.
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
ID: 40498576
Great call on telnet!!  Led me to this KB and I wondered if the method described is what you tried with telnet, to isolate the problem.

http://support.microsoft.com/kb/290051
0
 

Author Comment

by:rbarwig
ID: 40498584
Ok, You will not believe this.  I followed the idea from Arnold and printed an ipconfig from a working and non working system and then compared them side by side.  Low and behold found a difference:

Local subnet 255.255.255.0 vs 255.0.0.0

Then I looked at the scope the tech setup just recently

Scope option and found the subnet mask was not set right.

Great suggestion Arnold

Thanks for all the help Christopher
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
ID: 40498959
Hooray!!  Thanks to you all for letting me participate at my level.

I'll have to do some masking homework on why it was only Barclay https.
0
 

Author Comment

by:rbarwig
ID: 40498961
agree, this did not make sense
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever visit a website where you spotted a really cool looking Font, yet couldn't figure out which font family it belonged to, or how to get a copy of it for your own use? This article explains the process of doing exactly that, as well as showing how…
IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question