asked on
Cannot connect to other machines in Domain
Ok weird issue. Client has an SBS 2008 server with about 8 workstations on the domain. I cannot connect to get them to connect to each other. I try to ping another workstation with all packets failed "Request timed out" I can ping the server from a workstation but not the server to workstation. I can see all the workstations when you look at the network. Cannot view a shared drive, cannot RDP cannot Ping. I have disabled firewall (win 7) and win defender and AV. Nothing. I have remote access to them from labtech I can RDP to the server from the workstations. I did not setup the environment. They are running a Cisco/Linksys switch (do not model yet) and a D-Link residential router. Server is a Domain controller both DHCP and DNS. I don't see any group policy that would stop this.
Networking
Last Comment
Frank Helk
ASKER
Well as this is a new client I assume it has been. Communication to the sever (DC) works. I can login as different users. I just joined another machine to the domain in fact 2 with no issue.
Can you ping a client by using its IP address?
Right now, it's sounding like the firewall on the server is blocking outbound ICMP requests. You can verify by checking the windows firewall on the server to see how it has been configured.
From the workstations, are you able to login to the domain? From the server, can you check the default gateway and default DNS server configurations? Have you tried by hostname and also by direct IP for attempting to connect to the workstations also?
ASKER
Yes my previous post I have added 2 machines to the domain. I will double check the IP settings after hours they are in production now.
Please review firewall settings as well. Let us know!
ASKER
Windows firewall is off on domain.
Is there any other firewall application running on the server?
ASKER
Vipre Business AV is all I see
To rule that out as the issue, are you able to create an exception in VIPRE to permit outgoing ICMP requests?
![Advanced Firewall Exception - VIPRE]()
ASKER
Older version of Vipre No firewall in any of the policies.
ASKER
Ok so I have stopped services on FW and Vipre with no change. I have 3 machines so far that cannot ping each other. I can 1 or 2 other machines on the network and the server. I have disabled IPv6 on both machines even though there is no Scope for IPv6. This is just strange. I need to do some physical exploring something is just not right.
Do they reply to ping if you use their IP address instead of hostname??
ASKER
I am not even using Name just IP
Try doing tracert from a host that is unable to ping. From that we should see where communication is broken.
ASKER
OK tracert all 30 hops timed out. I can do it to the server and its 1 hop and 2 other PC on the net and 1 hop. same as router.
So just to recap - at this point we have machines unable to ping each other OR the server. Correct?
ASKER
No, cannot ping each other but, I can ping the server from all.
ASKER
Ok so I spent time working on the various work stations.
Disabled Firewall and AV no luck
Released and renewed IP several times. Here is what I find
2 out of the 6 machines cannot ping each other or other machines. Cannot connect to the SQL on the 1 new machine. If I ping by name it does show the proper IP but still times out. If I ping by IP it times out.
What I am thinking maybe hardware. What if the switch is bad? Its a Linksys / Cisco SR2016 probably 8 years old.
Thoughts?
Disabled Firewall and AV no luck
Released and renewed IP several times. Here is what I find
2 out of the 6 machines cannot ping each other or other machines. Cannot connect to the SQL on the 1 new machine. If I ping by name it does show the proper IP but still times out. If I ping by IP it times out.
What I am thinking maybe hardware. What if the switch is bad? Its a Linksys / Cisco SR2016 probably 8 years old.
Thoughts?
If you have access to the switch, log in and review the logs. If needed, post an excerpt from the logs for us to review to see if there's anything that stands out as a potential cause. (Block any sensitive info prior to posting).
ASKER
Well that is a problem its an unmanaged switch nothing to access
The fact that when you ping by name you get the correct hostname proves that DNS is working. The fact that pinging by IP fails suggests that it's an ICMP issue for sure.
If you have onsite access, do a test and just change out the switch for a spare from home. It does sound like a faulty switch.
Has it been properly restarted (with a power cycle - off for at least a minute)?
If you have onsite access, do a test and just change out the switch for a spare from home. It does sound like a faulty switch.
Has it been properly restarted (with a power cycle - off for at least a minute)?
ASKER
I have one in the car. I have never seen anything like it, especially for such a small environment. Yes I powered it off and nothing. In fact the back of the case came out so its physically falling apart.
Yeah, that looks like the culprit. It's like Sherlock Holmes (or rather A. Conan Doyle) said: 'Once you've eliminated the impossible, whatever remains, however improbable, must be the truth'.
It's a borked switch. Let me know - I'm interested!
It's a borked switch. Let me know - I'm interested!
ASKER
I will
Jerry's final thought: I've come across knackered switches a few times, and what is notable is that when one dies, it seems to 'poison' the whole network, in a weird way.
Even after replacing the switch, you might need to at very least restart the DNS server. If that doesn't work, restart everything, cold - and by that, I mean, make sure everything is OFF, then power on everything from cold, so that nothing has a memory of the nonsense that the broken switch was chatting.
Including the replacement switch! EVERYTHING off. Then evertything on again, starting with your gateway, then switch(es), then servers, then workstations.
Even after replacing the switch, you might need to at very least restart the DNS server. If that doesn't work, restart everything, cold - and by that, I mean, make sure everything is OFF, then power on everything from cold, so that nothing has a memory of the nonsense that the broken switch was chatting.
Including the replacement switch! EVERYTHING off. Then evertything on again, starting with your gateway, then switch(es), then servers, then workstations.
ASKER
Its good practice anyway to do that.
ASKER
Well that was a no go. Still not able to ping after the switch change out the machines I could ping I could no longer. I still ping the server and gateway. I am very perplexed.
In the style of a confused Darth Vader 'Whaaat?'
You turned EVERYTHING off at the same time, then turned it all on again, in the correct sequence?
If so, all I can suggest is adding a new NIC to the DC, and disabling the existing one. If this doesn't help - I think you've entered the twilight zone. ;-)
You turned EVERYTHING off at the same time, then turned it all on again, in the correct sequence?
If so, all I can suggest is adding a new NIC to the DC, and disabling the existing one. If this doesn't help - I think you've entered the twilight zone. ;-)
.... I'm throwing darts in the dark here.
I've assumed all along that the workstations are all on the same subnet. Is this correct?
The default-gateway on each host is set to the DLINK residential router... ? Apologies if this has already been asked - I read through again and didn't see this information.
I've assumed all along that the workstations are all on the same subnet. Is this correct?
The default-gateway on each host is set to the DLINK residential router... ? Apologies if this has already been asked - I read through again and didn't see this information.
ASKER
Yes all same subnet no vlans all DHCP is done by server. At this point I am just going to delete the DHCP scope and start over. After everything restated yesterday I was able to ping every thing out of my workstation just no to it. I have SQL Express on a win 7 workstation
"After everything restated yesterday I was able to ping every thing out of my workstation just no to it. "
Ok - daft question, but is Network Discovery enabled on your workstation?
Having established the IP of your workstation with IPCONFIG /ALL, have you checked in DNS on the DC that this IP is known?
Ok - daft question, but is Network Discovery enabled on your workstation?
Having established the IP of your workstation with IPCONFIG /ALL, have you checked in DNS on the DC that this IP is known?
If that doesn't work, Wireshark it! Get wireshark on one of the workstations and capture what's coming in and out over the LAN. There's an explanation to this... there has to be or I'm going to start losing sleep...
He's helping me with a Firefox query, so if he loses sleep, it's my problem.
Damn you Clark20ry. ;-)
Damn you Clark20ry. ;-)
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I have recommended this question be closed as follows:
Accept: Clark20ry (https:#a41410832)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
frankhelk
Experts-Exchange Cleanup Volunteer
I have recommended this question be closed as follows:
Accept: Clark20ry (https:#a41410832)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
frankhelk
Experts-Exchange Cleanup Volunteer
Are all other domain services working on? User login, etc? From the win 7 client perspective everything seems ok, correct?