donpick
asked on
Peer-to-peer network unable to access a certain website
I need some ideas about how to solve a problem accessing a certain website.
I am the IT staff for a small medical office. Six pc's all running Windows 7 Pro in a peer-to-peer network.
I can remotely login to their system using LogMeIn.
The problem:
- Occasionally it becomes impossible to access the web site “www.comcast.net” . The error message received is “server not found”. However, I can successfully access the web site from my home computer. This problem lasts for about 24 hours then mysteriously solves itself.
The firewall is a ZyWALL USG 50. I have checked it and there are no instructions in it to block any website.
So, it is a big mystery to me as to why only 1 web site is blocked on what seems a random basis.
I wonder if it some problem withing the Comcast.net web site which causes problems?
Q1.) What steps would you take to troubleshoot this problem?
Q2.) Since there is no server involved and the firewall is the DNS server, what thoughts do you have about changing the dns ip address so it uses Open DNS?
I am the IT staff for a small medical office. Six pc's all running Windows 7 Pro in a peer-to-peer network.
I can remotely login to their system using LogMeIn.
The problem:
- Occasionally it becomes impossible to access the web site “www.comcast.net” . The error message received is “server not found”. However, I can successfully access the web site from my home computer. This problem lasts for about 24 hours then mysteriously solves itself.
The firewall is a ZyWALL USG 50. I have checked it and there are no instructions in it to block any website.
So, it is a big mystery to me as to why only 1 web site is blocked on what seems a random basis.
I wonder if it some problem withing the Comcast.net web site which causes problems?
Q1.) What steps would you take to troubleshoot this problem?
Q2.) Since there is no server involved and the firewall is the DNS server, what thoughts do you have about changing the dns ip address so it uses Open DNS?
To troubleshoot:
Do you have DNS that gets you the Comcast IP address?
command line:
nslookup
www.comcast.net
This should give you an IP address. If not, you have a DNS problem. If it does give an IP address then:
command line:
tracert www.comcast.net (or alternately use tracert xxx.xxx.xxx.xxx where the x's are the IP address).
This should trace out the path from your workstation to Comcast. If it fails then the last hop is the last good point in the path and the next hop after that is the likely problem point.
If the problem point is your router then you know something.....
etc.
Do you have DNS that gets you the Comcast IP address?
command line:
nslookup
www.comcast.net
This should give you an IP address. If not, you have a DNS problem. If it does give an IP address then:
command line:
tracert www.comcast.net (or alternately use tracert xxx.xxx.xxx.xxx where the x's are the IP address).
This should trace out the path from your workstation to Comcast. If it fails then the last hop is the last good point in the path and the next hop after that is the likely problem point.
If the problem point is your router then you know something.....
etc.
ASKER
I looked in the Event viewer. I see a series of event errors stating: "DNS client Events" In the General window it says: "Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded. "
The error event id is 1014.
I have no idea if this is related to my question. This error occurs about once a month
Mr Marshall: I will perform your suggestions within the next couple of days.
The error event id is 1014.
I have no idea if this is related to my question. This error occurs about once a month
Mr Marshall: I will perform your suggestions within the next couple of days.
ASKER
Mr Marshall:
I was able to perform the NSLOOKUP task. I know next to nothing about NSLOOKUP.
I opened a command prompt
I typed NSLOOKUP
I get a > for a response
I typed www.comcast.net
NSLOOKUP reponded:
server : Unknown
Address: 192.168.1.200
Non-authoritative answer:
Addresses: 2600:1406:1a::173d:c230
2600:1406:1a::173d:c2d2
96:17:15:32
96:17: 15:40
Aliases: www.comcast.net
www.comcast.net.edgesuite.net
Could you please translate? What does the above information signify?
I was able to perform the NSLOOKUP task. I know next to nothing about NSLOOKUP.
I opened a command prompt
I typed NSLOOKUP
I get a > for a response
I typed www.comcast.net
NSLOOKUP reponded:
server : Unknown
Address: 192.168.1.200
Non-authoritative answer:
Addresses: 2600:1406:1a::173d:c230
2600:1406:1a::173d:c2d2
96:17:15:32
96:17: 15:40
Aliases: www.comcast.net
www.comcast.net.edgesuite.net
Could you please translate? What does the above information signify?
Did you try changing DNS and see if that helped?
nslookup is a quite useful and fairly simple tool:
If you type "nslookup" then it will open the program .. as you did.
If you type "nslookup [space] [ someURL]" like "nslookup www.google.com"
then it will open the program AND look up www.google.com using the default DNS server.
Then it will stay in the program and you don't need to type "nslookup" any more as long as you have the > prompt.
If you type thereafter
[someURL][space][someDNSse
then the lookup will be done on that DNS server instead of your default DNS server.
With this you can compare your DNS server with others. Maybe yours is broken or no longer a good address.
Translation:
Addresses: 2600:1406:1a::173d:c230
2600:1406:1a::173d:c2d2
96:17:15:32 <<< are you sure this wasn't 96.17.15.32 ? an ipv4 IP address
96:17: 15:40 <<< are you sure this wasn't 96.17.15.40 ? an ipv4 IP address.
This says that you are getting DNS service from the DNS server at 192.168.1.200.
It also says that the URL you gave "www.comcast.net" was resolved to IP addresses.
But, the addresses you get are different than what I get.
23.59.189.105
23.59.189.88
These actually point to Akamai which is an edge service that Comcast would be using
If you do a reverse dns lookup on the web, the address you get comes back "" is all. That seems strange. Also, it doesn't lead to a web page. So that appears to be your problem - the server at 192.168.1.200 giving what looks to be bad info.
You might try 8.8.8.8 as a secondary DNS server address in your DHCP settings if that's possible.
You might also check where 192.168.1.200 is getting DNS service *from* - i.e. an external DNS server.
192.168.1.200 may have a DNS cache that's old.
All that said, it appears that www.comcast.com is redirected these days to www.xfinity.com with a different IP address.
I was not able to get to the page using any of the IP addresses - which is sort of unusual but may be the way of the modern internet
If you type "nslookup" then it will open the program .. as you did.
If you type "nslookup [space] [ someURL]" like "nslookup www.google.com"
then it will open the program AND look up www.google.com using the default DNS server.
Then it will stay in the program and you don't need to type "nslookup" any more as long as you have the > prompt.
If you type thereafter
[someURL][space][someDNSse
then the lookup will be done on that DNS server instead of your default DNS server.
With this you can compare your DNS server with others. Maybe yours is broken or no longer a good address.
Translation:
Addresses: 2600:1406:1a::173d:c230
2600:1406:1a::173d:c2d2
96:17:15:32 <<< are you sure this wasn't 96.17.15.32 ? an ipv4 IP address
96:17: 15:40 <<< are you sure this wasn't 96.17.15.40 ? an ipv4 IP address.
This says that you are getting DNS service from the DNS server at 192.168.1.200.
It also says that the URL you gave "www.comcast.net" was resolved to IP addresses.
But, the addresses you get are different than what I get.
23.59.189.105
23.59.189.88
These actually point to Akamai which is an edge service that Comcast would be using
If you do a reverse dns lookup on the web, the address you get comes back "" is all. That seems strange. Also, it doesn't lead to a web page. So that appears to be your problem - the server at 192.168.1.200 giving what looks to be bad info.
You might try 8.8.8.8 as a secondary DNS server address in your DHCP settings if that's possible.
You might also check where 192.168.1.200 is getting DNS service *from* - i.e. an external DNS server.
192.168.1.200 may have a DNS cache that's old.
All that said, it appears that www.comcast.com is redirected these days to www.xfinity.com with a different IP address.
I was not able to get to the page using any of the IP addresses - which is sort of unusual but may be the way of the modern internet
ASKER
Mr. Hurst: Not yet, the office is closed for the long holiday.
Mr. Marshall: Thanks for your info.
The 192.168.1.200 is the address of the ZyWall firewall. As I vaguely recall, (I haven't visited the office is several months) the internet service is provided by Qwest (now CenturyLink). I believe there is a Qwest modem under a desk somewhere which is the device that feeds the internet to all the other devices in the office.
The malfunction happens randomly .
I will look at the DNS settings in the firewall . My guess is they point to the Qwest device.
Mr Hurst and Mr Marshall: What are your thoughts about changing one of the DNS addresses in the Qwest device to 8.8.8.8.?
I recently visited OpenDns.com Apparently this service is not free anymore.
Any thoughts you have will be greatly appreciated.
Mr. Marshall: Thanks for your info.
The 192.168.1.200 is the address of the ZyWall firewall. As I vaguely recall, (I haven't visited the office is several months) the internet service is provided by Qwest (now CenturyLink). I believe there is a Qwest modem under a desk somewhere which is the device that feeds the internet to all the other devices in the office.
The malfunction happens randomly .
I will look at the DNS settings in the firewall . My guess is they point to the Qwest device.
Mr Hurst and Mr Marshall: What are your thoughts about changing one of the DNS addresses in the Qwest device to 8.8.8.8.?
I recently visited OpenDns.com Apparently this service is not free anymore.
Any thoughts you have will be greatly appreciated.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you both. Very good answers.
@donpick - You are very welcome and I was happy to help
Try update the firmware in the firewall and rebooting it. If it is easy to set up, try a hard reset to factory specifications.