Joeteck
asked on
Windows 2008 server can't ping gateway over time.
I have a very strange problem that I can't figure out.
The server has Active directory, DNS, and TS. Please don't get off track by telling me you can't do that. ;) You can.
If I change the servers IP address, Internet comes back and I can ping the gateway once again. If I put it back to the original IP it fails once again and I can't ping the gateway.
So far there are 2 IPs that I can't use any longer as they do not work on the server for some reason. It will work for about a day, then stop, Internal connections are fine, just no gateway access and TS clients can't connect since I can't ping the gateway.
There is no anti-virus software is installed. I turned off the servers firewall. to rule out any conflict.
This is a very difficult problem to diagnose.
The server has Active directory, DNS, and TS. Please don't get off track by telling me you can't do that. ;) You can.
If I change the servers IP address, Internet comes back and I can ping the gateway once again. If I put it back to the original IP it fails once again and I can't ping the gateway.
So far there are 2 IPs that I can't use any longer as they do not work on the server for some reason. It will work for about a day, then stop, Internal connections are fine, just no gateway access and TS clients can't connect since I can't ping the gateway.
There is no anti-virus software is installed. I turned off the servers firewall. to rule out any conflict.
This is a very difficult problem to diagnose.
ASKER
Sounds like that could be it, but I just can't ping the gateway. I can ping everything else on the network.. this is so wacky..
check the arp cache at the gateway.
the ip to arp resolution is a possible problem source.
seen this with Win8+WLAN+hyper-V within the LAN ... there are an IP6 multicast "echo" containing others IP`s learned by the gateway.
the ip to arp resolution is a possible problem source.
seen this with Win8+WLAN+hyper-V within the LAN ... there are an IP6 multicast "echo" containing others IP`s learned by the gateway.
ASKER
Could you explain how to do that please?
ASKER
I have a firebox watchguard router. Which someone else installed. I freakin hate it. So very difficult to work on.
ASKER
I just checked the ARP table. Everything is fine. No duplicates
ASKER
Check this out: I can't access the router from the server, but from a workstation fine
whatchguard is a firewall ... i think.
are there some active rules that deny traffic for suspicious IP's?
what after rebooting the whatchguard?
is the device software up2date?
are there logfiles at the device?
are there some active rules that deny traffic for suspicious IP's?
what after rebooting the whatchguard?
is the device software up2date?
are there logfiles at the device?
PS: don't check for duplicate ARP entries...
check the IP to ARP mapping at the whatchguard, then check if the ARP matches the servers local MAC address.
use "ipconfig /all" at the server to display the server NIC's MAC address.
check the IP to ARP mapping at the whatchguard, then check if the ARP matches the servers local MAC address.
use "ipconfig /all" at the server to display the server NIC's MAC address.
ASKER
i would reboot the firewall.
some unknown block- or security-actions should be rerset after rebooting.
some unknown block- or security-actions should be rerset after rebooting.
ASKER
Would be a temporary fix correct? It would be blocked once again?
but if a reboot helps, there must be something at the firewall.
possible changing the IP is a temporary solution also.
possible changing the IP is a temporary solution also.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
the question is solved or can i do something for you?
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
seen this some times since 9 month on different servers and workstations after a reboot.
then i see an apipa address at the server (169.254.x.x) with ipconfig as preferred and at the eventlog is an entry because a duplicate IP.
often a server-reboot is enough to solve this problem.
at my nightly booting terminalservers i build a script to reboot if def GW is not pingable.