Server cannot connect to any host outside our network on port 80

We have a Windows 2012 server that is a domain controller running as a VM on a 2012 host.  All domain functions are working properly.  DCdiag reports everything passed.  All computers and other servers on the domain are working as expected. However on this server port  port 80 and 443  http requests to any outside host fails.
 
If we ping (ICMP) any outside host from this server like yahoo.com or google.com we get a response. However internet explorer does not resolve any web sites we get "This page can't be displayed".  The network icon on the system tray has a yellow exclamation point.  We “can” connect via IE to any inside server on port 80 or any other port. When using telnet we can connect to any host server on port 80  inside of the network. We can telnet to a mail server on port 25 outside the network.  However we cannot telnet to port 80 on any server outside the network. All other servers and PCs do not have this issue, just this one server.  This just started happening for no apparent reason.

 We have tried rebooting, resetting Internet explorer to defaults, clearing DNS cache, disabling SEP antivirus and firewall, verifying DNS on the server is working for all other PCs, have the DNS on this server pointing to itself and another working DNS server.  We unchecked the “automatically detect proxy” in internet explorer options.  The gateway is correct as it resolves all hosts at the command prompt.  We disabled and re-enabled the virtual NIC from the host and the guest. We have managed switches but all are default settings so we have no ACL set up anywhere.

Any help will be appreciated!
IEerror.JPG
TonygretAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
In a command window
Can you reolve any.
Nslookup www.google.com
Do you have a proxy on the firewall which might not have excluded this system from being blocked.
TonygretAuthor Commented:
nslookup resolves no problem.  Just like pinging google.  See below.  However telnet to port 80 or http via IE to any outside host fails.  

c:\nslookup
Non-authoritative answer:
Name:    google.com
Addresses:  2404:6800:4003:c02::8a
          173.194.126.196
          173.194.126.194
          173.194.126.206
          173.194.126.197
          173.194.126.198
          173.194.126.193
          173.194.126.199
          173.194.126.192
          173.194.126.195
          173.194.126.200
          173.194.126.201

C:\ping google.com

Pinging google.com [74.125.68.113] with 32 bytes of data
Reply from 74.125.68.113: bytes=32 time=187ms TTL=39
Reply from 74.125.68.113: bytes=32 time=186ms TTL=39
Reply from 74.125.68.113: bytes=32 time=188ms TTL=39
Reply from 74.125.68.113: bytes=32 time=186ms TTL=39

Ping statistics for 74.125.68.113:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 186ms, Maximum = 188ms, Average = 186ms
arnoldCommented:
Does httpd://www.goolge.com work?   Do you have a proxy/firewall in the environment that is blocking outgoing traffic except from authorized systems?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

TonygretAuthor Commented:
httpd://www.goolge.com using IE does not work.  I went though every setting in our firewall.  I can not find anything blocking this machine.  It was working last week.  In fact I can see traffic from this server on the sonicwall for DNS but no traffic for http.  Bazar!
arnoldCommented:
Check the ip if the server against the rules you have.

The obe to try is https://www.google.com try any bank https://www.yourbank.com

Do you have a rule blocking outgoing port 80 requests?
The point something changed  and possibly an error in the restriction overlapped this server's IP. And thus denying it access to port 80 and possibly other external destination.

Enable logging and see if it records an event when this server tries to access. The bet, check IIS tools, Internet options to make sure you do not have a proxy configured there or auto discovery of proxy is what ........ I,e. Internet explorer see sthe auto config proxy, but the proxy is not configured to allow this system access.

There are many possibilities.
TonygretAuthor Commented:
It appears that for some strange reason an outgoing NAT policy on our SonicWall that has always been there was interfering with this machine.  We made some changes on the SonicWall and it started working.  I still have no idea why it stopped working.
arnoldCommented:
a simple typo can do it. block a range of ips, entered 28 instead of 29 with the ip typo that took the preceeding segment
instead of 192.168.0.8/29 192.168.0.7/29 or 192.168.0.8/28.......
it was not noticed on other servers as they are not used to access external resources......
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.