Solved

Cannot access barclaycardus.com website

Posted on 2014-12-09
31
181 Views
Last Modified: 2014-12-14
I have a network that runs behind a Sonicwall TZ-215.  There is no content filtering or any other licensed protection setup on the unit.  The server using IE11 and Chrome can get to the site https://www.barclaycardus.com or juniper.com (company they merged with). The problem is that all the workstations cannot get to the site - they get " this page can't be displayed" I thought this may be a malware issue, however running RogueKiller, CCleaner, and Malwarebytes have not resolved the issue and they are running clean scans.  I also thought this may be a DNS issue, however using nslookup on the desktops and server all resolve the website name fine.  I also tried to use https://192.107.16.41 in hopes of getting a SSL certificate error, but I received the same "this page can't be displayed" message.  I checked the proxy settings and they are set to automatically detect and there are no entries under the proxy sever.  I find it hard to believe that all systems in this network are infected with something that is preventing the site from being accessed.  I am seeing many posts of people running into this same issue, but no apparent resolution
0
Comment
Question by:rbarwig
  • 13
  • 9
  • 3
  • +2
31 Comments
 
LVL 19

Expert Comment

by:helpfinder
Comment Utility
when you are pinging that web site are you receiving response?
check host files on affected machine (c:\windows\system32\drivers\etc) if you have some records (uncommented) here
try also command tracert www.barclaycardus.com where you can go and where it stops to respond
check some general GPO you vcan have applied on all machines for some suspicios setting which could do this.
do you have wifi also? what if you try to browse that web page from smartphone?
what if you try to browse the web page with some computer connected to your LAN which is not added to your domain? (if you have domain in your LAN enviroment)
try to turn off windows firewall if you can browse the web page like this
try to turn off your antivirus client on machine to test as well
0
 

Author Comment

by:rbarwig
Comment Utility
Yes I received a response. checked for host file entries, nothing uncommented. tracert locates the site fine. I can get to the site on my phone, on my home machine, from the server that is on the LAN, and my laptop that was carried in.  I have firewall turned off on the machines I am working with.  I will check GPO
0
 
LVL 19

Expert Comment

by:helpfinder
Comment Utility
if only computers whitin your LAN which are in the domain are affected then it looks like for some rule in your GPO or Antivirus.
If it would be a malware I do not see a reason why all workstations are infected but server(s) not, but for GPO or AV rule it could be server OU is excluded and on devices not in domain (home laptop, smartphone) is not applied.
I also assume you do not have separate VLANs, special for workstations.
0
 

Author Comment

by:rbarwig
Comment Utility
You are correct, no VLANS
0
 

Author Comment

by:rbarwig
Comment Utility
Disabled Vipre Business (AV) and disabled GPO (with update/force.  rebooted both test workstations and still no website
0
 
LVL 19

Expert Comment

by:helpfinder
Comment Utility
check applied GPOs with command
gpresult /R
or exported as html file with
gpresult /H c:\report.html
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
Comment Utility
Here is a link covering a few issues with https sites giving "page cannot be displayed" that I would run through.  

http://support.microsoft.com/kb/968089

Some https sites need matching date/time set on workstations, and some add-ons may mess it up.  If you find a fix in this list above, then sounds like you need it in GPO.
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
Comment Utility
I noticed I made my time/date way off by days and still can access, so that's probably not it.
0
 

Author Comment

by:rbarwig
Comment Utility
I reviewed and even went as far as disabling the GPO did a GP update and even waited another 20 minutes on top of that (very small network) and the site still does not display.
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
Comment Utility
Darn huh?

These links from EE ...

http://www.experts-exchange.com/Web_Development/Web_Services/Q_28458645.html

http://www.experts-exchange.com/Networking/Protocols/SSL/Q_28385458.html

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/MS-SharePoint/Q_28086816.html


have some similar comments you may find useful.  Since it's EE you can easily contact any expert directly to inquire about your particular situation.  Did you check on cryptographic services?

Sorry I couldn't spend more time just now.  The below excerpt is from an article and brings up cryptographic services.

Article excerpt on problems displaying https pages.
and the article is ...

http://www.experts-exchange.com/Software/Internet_Email/Web_Browsers/A_2630-Rectifying-internet-explorer-browser-problems-in-Windows.html
0
 

Author Comment

by:rbarwig
Comment Utility
Christopher,
Thanks, ran through this last set of recommendations, still no go.  This is very puzzling.  Even the article from Ravi, sent me to a couple of settings I would not have checked, but again, no go.
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
Comment Utility
Are the workstations plugged in?

:) Sorry, couldn't resist.

I just sent a request for help to a few experts in the links I posted above and you are copied on the request.  Haven't done it before so hope I did it correctly.  Let's see if anyone can help you out.
0
 
LVL 58

Expert Comment

by:Gary
Comment Utility
Is it just this site or all https sites?
0
 
LVL 76

Expert Comment

by:arnold
Comment Utility
Check the settings on the workstations in IE whether they are using proxy.
Second check whether these workstations and sight are setup in compatibility mode.

Have the user run proxycfg

another options, not sure whether IE11 also has the option to disable the friendly error message The last option on the Browsing section of internet options advanced tab "Show friendly HTTP error messages."
one this is disabled, and the browser reopened, you should get a clearer picture what is going on.
0
 

Author Comment

by:rbarwig
Comment Utility
Gary,
It is just this site and juniper.com (the same company)
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:rbarwig
Comment Utility
Christopher,
Is it a requirement to be plugged in ?  The gerbil is running as fast as he can on the treadmill to get enough power :-)
0
 
LVL 58

Expert Comment

by:Gary
Comment Utility
Who are the workstations using for DNS?
0
 

Author Comment

by:rbarwig
Comment Utility
the DC.  Name resolution is working fine.  nslookup find the name, ping by name and IP work fine.  In IE, the status updates from finding,  to waiting on the site in a matter of a few seconds.  As in the original post the server can bring up the site just fine
0
 
LVL 58

Expert Comment

by:Gary
Comment Utility
And on the workstations is it the same in any browser?
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
Comment Utility
Wondering if the gerbil is tired.

Also wondering if helpfinder suggestion about GPResult was tried.  helpfinder seemed to be on a steady progression with that course.
0
 

Author Comment

by:rbarwig
Comment Utility
GPResult show no policies directly or in directly assigned to client systems.  As stated, created a new OU and moved clients to new OU that had no policy assigned to is and still cannot display site.
0
 
LVL 76

Expert Comment

by:arnold
Comment Utility
What about checking the browser on the workstation connection/lan/proxy settings? Is auto proxy enabled? See whether your DNS/dhcp push proxy information.
Check add-ons to make sure they are not diverting the traffic.

After disabling the show friendly http errors, what was the displayed error?
0
 

Author Comment

by:rbarwig
Comment Utility
All add ons are disabled, I am running IE in No add-on mode. proxy is set to auto detect.  At one point I tried with this turned off and no change running proxycfg as suggested yielded the same interface as internet options, connections, LAN setting, etc..  DHCP is not pushing a proxy, DNS is working fine as site can be be resolved.  Ping returns timed out but resolves to 192.107.16.41 which is the same site as what I get from home and the site pulls up.  I am confident that ICMP is turned off on their side and I do not get a reply from a working system nor a non working system.  The step  I attempted this morning was to install telnet and telnet to the site on port 80, from the server it connects, from the workstation it does not
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
Comment Utility
Here is a rather good procedural account of how IE does things up to IE9 with auto proxy config.  Maybe you all know these things already but I was hoping it might provide a new clue or idea.  Maybe check the link near bottom for "retrying a bad proxy server" also.

http://support.microsoft.com/kb/271361
0
 

Author Comment

by:rbarwig
Comment Utility
Christopher, I am uploading the results of the GP result in the event I may be overlooking something here
report.html
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
Comment Utility
Great.  Why not.
0
 
LVL 76

Accepted Solution

by:
arnold earned 500 total points
Comment Utility
It is not clear whether the issue is with the system/user or the LAN/VLAN IP the user that experiences this issue versus the system that does not.
 
are you using IPs on the private network, 10.x.x.x,172.16-31.255 192.168.x.x?

Post
ipconfig /all

from a system that has issues versus one that does not.
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
Comment Utility
Great call on telnet!!  Led me to this KB and I wondered if the method described is what you tried with telnet, to isolate the problem.

http://support.microsoft.com/kb/290051
0
 

Author Comment

by:rbarwig
Comment Utility
Ok, You will not believe this.  I followed the idea from Arnold and printed an ipconfig from a working and non working system and then compared them side by side.  Low and behold found a difference:

Local subnet 255.255.255.0 vs 255.0.0.0

Then I looked at the scope the tech setup just recently

Scope option and found the subnet mask was not set right.

Great suggestion Arnold

Thanks for all the help Christopher
0
 
LVL 9

Expert Comment

by:Christopher Jay Wolff
Comment Utility
Hooray!!  Thanks to you all for letting me participate at my level.

I'll have to do some masking homework on why it was only Barclay https.
0
 

Author Comment

by:rbarwig
Comment Utility
agree, this did not make sense
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now