Paul Cahoon
asked on
Routing issues
I have a Windows 2012 R2 Server that I seem to be having some routing issues with. I can ping addresses and dns seems to be resolving correctly but I cannot browse to anything. I am also having trouble with a command line smtp client not working which is what clued me in that there was a problem. When I run tracert all I get is * * * ...etc. I am not sure where to go from here.
Something else I noticed is that on another machine that IS able to browse fine, I ran a tracert. Right after the hop to my gateway, I see a hop to an OLD router. I actually changed the whole subnet of my network when I changed routers so it jumped out at me. I'm not sure if this is related or not but it kind of concerns me why this address would be showing up.
Something else I noticed is that on another machine that IS able to browse fine, I ran a tracert. Right after the hop to my gateway, I see a hop to an OLD router. I actually changed the whole subnet of my network when I changed routers so it jumped out at me. I'm not sure if this is related or not but it kind of concerns me why this address would be showing up.
have you tried ipconfig /flushdns on the errant server?
ASKER
I had not because I wasn't really looking at it as a dns issue. I did try it just now and it didn't make any difference.
IF you are doing a tracert and you see an "old" IP address, I would start with doing "netstat -rn" on the computer that fails and the one that works. Look at the differences. Then go to each device in the path to see what its routing tables look like.
If you can ping a host, but can't access a web server running on it, then it has nothing to do with routing. Routing is as the IP address level and has no clue about the application level (port). It sounds more like a firewall is blocking http or https traffic.
If you can ping a host, but can't access a web server running on it, then it has nothing to do with routing. Routing is as the IP address level and has no clue about the application level (port). It sounds more like a firewall is blocking http or https traffic.
ASKER
I have turned the firewall completely off on this server in troubleshooting. My gateway has a firewall but it is not blocking anything on egress at this point. Also, everything other workstation/server is going through the same firewall without any issues. I have attached the netstat -rn from both machines:
Also, here is the tracert on the workstation. The 2nd line is my old gateway address:
Again, this workstation is connecting fine but wasn't sure if that was something I should worry about.
Also, here is the tracert on the workstation. The 2nd line is my old gateway address:
Again, this workstation is connecting fine but wasn't sure if that was something I should worry about.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
That did it. I don't understand why the 25.0.0.1 route needs to be a higher metric, though. That is a vpn adapter. I would think it would need to hit the primary nic first. Any explanation would be appreciated as is the helpful solution.
In most cases when you have a VPN connection there are two options:
1) It is the default route and take the lowest metric so that all traffic gets routed through the VPN.
2) It is not the default route and specific routes are added for any/all subnets that need to be routed through the VPN. This is called split tunneling.
1) It is the default route and take the lowest metric so that all traffic gets routed through the VPN.
2) It is not the default route and specific routes are added for any/all subnets that need to be routed through the VPN. This is called split tunneling.