School computers connect to web page, others cannot.

I am the Network Admin for a small Christian School.  We have about 175 devices a mixture of windows 7 and 10 predominantly.

What I don't understand is that some computers can connect to a web site and others cannot connect to the same website.

Desktops seem to be able to connect and laptops cannot.  I thought it might be a wireless vs wired issue, but even if I turn off the wireless and connect with a wire, the laptop still cannot connect.

I have cleared the various caches and flushed the dns on the laptop.  I have tried 3 different browsers.

I do a ping test to the same web site from the wire connected laptop, it says destination unavailable. I can successfully ping google at the same time from the same laptop.  So it is not a connection to the network or internet issue.

On a desktop, I can ping both google and the other target website without a problem.

So what would block the same web site from one computer but not the other computer on the same network, sharing the same router, series of switches, wires, etc.?

In this test the computers are both windows 7.  We use for our content filter. All computers have the same antivirus, thirtyseven4.  Firewall settings are the same and controlled by thirtyseven4 for each device from the server.

Thank you.

Jerry ThompsonNetwork AdminAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
When you ping the website from the laptop and desktop, do they report the ping destination as the same address?

Do you have any user control software/ parental control software in use?
Steven CarnahanAssistant Vice President\Network ManagerCommented:

The author stated:

"I do a ping test to the same web site from the wire connected laptop, it says destination unavailable."


From the laptop can you do an NSLookup on the website? What does it return? Do the same from the desktop and compare results.  Check that both the laptop and the Desktop are using the same DNS server?

Are you placing the laptops and desktops in different VLANs? If so, do you have anything in the router blocking the laptop VLAN? Look at the router and firewall logs for any denies.

Check the opendns settings for anything separating the two.
I note you say you have 175 computers attached. Have you check your DHCP server to make sure your DHCP range is broad enough for that many computers?

Are the laptops getting a valid IP address (i.e., not in the 169.x.x.x range)?
Your Guide to Achieving IT Business Success

The IT Service Excellence Tool Kit has best practices to keep your clients happy and business booming. Inside, you’ll find everything you need to increase client satisfaction and retention, become more competitive, and increase your overall success.

Jerry ThompsonNetwork AdminAuthor Commented:
Thank you all for your responses.

Rich: Yes, they are pinging the same IP address.  All content control is via So the router and server sends all the traffic through the opendns content filter servers.  No controls active on the server or workstations nor in the antivirus or router.

Pony10us: There are no vlans active although I would like to learn more to see if it would help manage the traffic.

Regarding nslookup:  I am not sure I did the right thing.  At a command prompt on both computers I typed nslookup >> then >> Enter.

Desktop returned:
Server:  []  (Local primary server)
Address: (Correct local IP)

Non-authoritative answer:
Address:  (Correct destination ip)

Laptop returned
Server:  unknown
Address: (Correct local IP)

Non-authoritative answer:
Address:  (Correct destination ip)

If this is not what you meant, then I will need more information on how to do what you suggested.

Strung: I have given fixed ip addresses to most stationary assets such as desktop computers, printers, access points. DHCP basically handles the wireless traffic.  Currently 71% of available addresses are being used.

I am not aware of any units getting an invalid IP.

Any other thoughts or ideas?

Thank you.

Steven CarnahanAssistant Vice President\Network ManagerCommented:
Okay, so NSLookup comes back with the same IP for the site.  You can't browse to the site from a laptop using the domain name.  Can you browse to it using the IP address?  If you can then it is DNS related.

I am going to take a risk and say the IP's you provided are not what was truly returned.  If that isn't the case then you have a duplicate IP for the desktop and laptop.
Did you make sure that the fixed IP's were in the same subnet as used by the DHCP server, but outside the range used by the DHCP server. If not, you are going to get IP conflicts.

For instance, if you DHCP server is set to serve up IP addresses between and, you need to use to for your fixed IP's.
Steven CarnahanAssistant Vice President\Network ManagerCommented:
Another thing I noticed it that the laptop returns Server: Unknown.  This is usually related to IPv6.

On the laptop go into your IPv6 properties, and set the IP and DNS address settings to be obtained automatically.

Then in Manage network adapters windows, change the view options to show Menu, then click on Advanced, Advanced, and make sure IPv4 is on top instead of IPv6.
Jerry ThompsonNetwork AdminAuthor Commented:
Thanks again for a response.

Pony10us:  I cannot browse nor ping that IP address.  The current desktop I am using to test has a fixed IP and the laptop has one assigned by DHCP.

Strung: DHCP uses a different subnet from the fixed IP's.  DHCP uses while the fixed IP's use:

While this is likely excessive each has a purpose. are for printers, servers, routers, AP's etc. are for staff computers are for student desktops.

Other information:

I tried two chromebooks and neither chromebook could not access (Note: We've had problems with other sites, I am using because it is the most recent issue.)

I connected to with my samsung S5 using data, but could not connect using the schools wifi.

Thank you again.

Steven CarnahanAssistant Vice President\Network ManagerCommented:
Please check your IP address on the laptop:

Laptop returned
 Server:  unknown
 Address: (Correct local IP)

" are for student desktops."

Using separate subnets is sort of like using VLAN's.  You are basically isolating devices that can directly speak to each other.  

1. make sure that the DNS server is passing traffic from each of the subnets
2. make sure the switch trunk port is passing traffic for each of the subnets
3. make sure the router is passing traffic for each of the subnets

Have you checked the router, firewall and opendns logs for denies?
DrDave242Senior Support EngineerCommented:
I don't think this is a DNS issue. Even though the reverse lookup of the DNS server's IP address was unsuccessful from the laptop for some reason (that's why nslookup shows "Server: Unknown"), it did resolve the website's name to the correct address. I get the same address from here, BTW.

It looks like either a firewall or content filter is blocking traffic, except that:
  • The laptop couldn't get through on either its wired or wireless adapter. That doesn't sound like firewall behavior, unless you're whitelisting traffic only from certain addresses, which sounds like an administrative nightmare.
  • Content filters will typically display a custom page when they block web traffic, rather than simply returning a 404, so that a user will know why they can't get through.
  • You mentioned that the firewall and content filter settings are the same for both machines.

When you connected the laptop to the wired network that the desktop is on, did you assign it a static IP address in the range and make sure the subnet mask, gateway, and DNS settings matched those of the desktop?
Steven CarnahanAssistant Vice President\Network ManagerCommented:
A couple of other things to look at:

1. Is there a proxy involved?  If so then are both the desktop and the laptop configured the same way for that?

2. Are you blocking ping (ICMP) on the laptop? Perhaps with Windows Firewall?
Jerry ThompsonNetwork AdminAuthor Commented:
Problem solved.

I had noticed weeks ago the subnet mask of my DHCP scope was  I went to change it to and it would not let me.  I figured I had to delete and recreate the scope, I was fearful of doing so in the middle of the school day.  I also did not see how that would stop me from reaching a website.

Today I talked with someone who knows more than I. He noticed the bad subnet, said that was the problem and helped me delete and rebuild the scope.

And now all works as it should.

It strikes me weird how 98% of the websites resolved fine and just a few would not.

Thank you for all your suggestions. they are greatly appreciated.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Jerry ThompsonNetwork AdminAuthor Commented:
A friend/consultant showed what the problem was and help be fix it.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.