Solved

Win 2008 server lost access to network router

Posted on 2016-08-03
5
88 Views
Last Modified: 2016-08-03
Have a Win2008 server in a small LAN. It is running as a domain controller and is also running an email server. LAN is connected to Internet via a ZyWALL router (192.168.1.1), and it has worked well for a long time. Yesterday I noticed that the server seemed to not access the Internet anymore (mail server failed dns lookups to external dns). Inbound emails work fine (the server responds to external requests).

Investigation showed that the server doesn't "see" the router.
I'm able to ping the router from other devices in the LAN. From the server I'm able to ping all other addresses - except the router address. From PCs in the LAN I'm able to ping the server's IP address. This tells me that there may be something that prevent the server to access the router. Have checked the routing tables, and the address 0.0.0.0 is routed to the correct address (192.168.1.1).

Expect that there may be some process or service that prevents the server from accessing the rouer's IP addres, but I'm not able to fine what it is. The server is running Malwarebytes to prevent attacks and malware. Have tried to disable it, but not sure if I've done it right.

Are there any other steps to take in order to solve this problems?  Thanks!
0
Comment
Question by:omberli
  • 3
5 Comments
 
LVL 28

Assisted Solution

by:Michael Pfister
Michael Pfister earned 250 total points
Comment Utility
When the server responds to external requests there is IP connectivity between the router and the server.

Anything on the ZyWall preventing access to the Internet just for the server?
0
 

Author Comment

by:omberli
Comment Utility
I can't see anything on the ZyWall that should create this problem. Have made a short log on it while running a ping on the server. It seems like the router sees the request, but doesn't respond. Have attached a screendump from Wireshark that displays the router log file.
wireshark.pdf
0
 
LVL 95

Accepted Solution

by:
Lee W, MVP earned 250 total points
Comment Utility
Perhaps it's not the server that's the problem. What if your router thought it was being attacked from the server and disallowed communication with it.  

Have you tried a different router - even a cheap home one - just to test...?
0
 

Author Comment

by:omberli
Comment Utility
Good idea!  Put in an older ZyWall 2+ and it works just as it should. Server pings the router ok and the server is able to access the internet. Need to find out why that other ZyWall didn't respond.... Haven't seen any setting that should "ban" local units....  Anyway - thanks a lot!
0
 

Author Closing Comment

by:omberli
Comment Utility
Thanks!
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now