Fix new domain computer that can't reach internet
I just introduced a new computer into a domain.
It uses static IP addressing.
It is domain-joined.
One can ping the network but can't access the internet with ping or http/browsers.
nslookup seems to be working fine.
I've removed and reinstalled the NIC and made the proper settings.
The rest of the network computers are fine.
The computer is in the domain and in the computer OU it belongs in.
The domain gateway entered on the NIC is the local DC.
The domain gets internet via a firewall - so that's the gateway for the DC.
The DC is NOT a DHCP server as all the domain computers are given static addresses.
There is a gateway on the LAN running DHCP.
IF this one computer is allowed to get an address via DHCP then it reaches the internet just fine.
TRACERT to a connected subnet host normally results in:
- firewall
- local subnet gateway
- remote subnet router
- remote host
However, with this one computer, the traceroute doesn't work and the first response is ****
However, with this one computer, if we add a persistent route pointing to the remote subnet via the local subnet gateway, the TRACERT result is:
- local subnet gateway
- remote subnet router
- remote host
So, skipping the firewall route for this one computer fixes that one thing.
So, either the DC isn't letting this one computer hit the firewall route
Or, the firewall isn't allowing packets to route further on the LAN for this ONE computer.
How to fix?
I can't even update PowerShell - obviously....
It uses static IP addressing.
It is domain-joined.
One can ping the network but can't access the internet with ping or http/browsers.
nslookup seems to be working fine.
I've removed and reinstalled the NIC and made the proper settings.
The rest of the network computers are fine.
The computer is in the domain and in the computer OU it belongs in.
The domain gateway entered on the NIC is the local DC.
The domain gets internet via a firewall - so that's the gateway for the DC.
The DC is NOT a DHCP server as all the domain computers are given static addresses.
There is a gateway on the LAN running DHCP.
IF this one computer is allowed to get an address via DHCP then it reaches the internet just fine.
TRACERT to a connected subnet host normally results in:
- firewall
- local subnet gateway
- remote subnet router
- remote host
However, with this one computer, the traceroute doesn't work and the first response is ****
However, with this one computer, if we add a persistent route pointing to the remote subnet via the local subnet gateway, the TRACERT result is:
- local subnet gateway
- remote subnet router
- remote host
So, skipping the firewall route for this one computer fixes that one thing.
So, either the DC isn't letting this one computer hit the firewall route
Or, the firewall isn't allowing packets to route further on the LAN for this ONE computer.
How to fix?
I can't even update PowerShell - obviously....
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks! You pushed me in the right direction.
I will admit my dumb mistake. Perhaps someone will learn from it.
I had continually entered the DC address as the Gateway when the working machines have the firewall as the Gateway.
DOH!!
I will admit my dumb mistake. Perhaps someone will learn from it.
I had continually entered the DC address as the Gateway when the working machines have the firewall as the Gateway.
DOH!!
ASKER
Thanks again!!
I am glad you got it working. Feel free to mark all helpful posts. :-)
As one who has NEVER made a dumb mistake, I can scowl at you!
More seriously, Hello There really gave you the answer before I did. Hello should get the points.
More seriously, Hello There really gave you the answer before I did. Hello should get the points.
I suppose that the domain gateway is the same as used on all working computers?
Btw. we use a router as a default gateway...
Might be a configuration issue. So do it, use DHCP, get the IP configuration and compare it with your current configuration and see if there are any differences.