Cannot browse from one server on network

2,015 pts.
Tags:
DNS
Microsoft Windows
Servers
A rather interesting problem. There is one server on the network where we can no longer use the web browser to reach sites on the internet. Other servers and desktops work just fine. This is the server that hosts Exchange server 2000. Ther is no real problem in passing mail other than the usual bad addresses and such, though their is one site that cannot be reached via mail. The only recent changes were the installation of a spam filter (GFI Mail Essentials for Exchange v. 10) and the browser worked fine after that. The other change was to modify the internal DNS to provide a path to the mail server of a company that we will be doing a lot of business with over the next year or so. This was done because there was not a proper fail over for the MX record of this firm. I did finally find the proper fix for this, but it has yet to be obtained and fixed. However, the browser worked after this fix was implemented. On Thursday i found tha tthe browser on this machine would not reach the web. I ran a series of pings by IP address. The internal network is reach able, but pings outside the network time out. If I ping by name to the outside, the proper address is returned, which means the lookup succeeds, but the ping then times out. Setting the firewall to record all outgoing and incoming attempts to ping so that the ping goes out, but I see no return, so it seems the ping is passing the firewall--remember this is the only machine experiencing this problem. Since this is the production mail server, I am somewhat limited in being able to bring it down and do anything, or even take it off the network for a time. It had been restarted just prior to this problem with the browser because the mail suddenly stopped flowing. The browser worked fine prior to the restart. The machine appears to be free of virus, but I am not able to update the anti-spyware definitions for spybot, so that has not been run as the machine was clean, and has never shown an infection. The browser is normally just used to obtain updates for the OS, Exchange Server, etc., so it is unlikely to have an infection of spyware or adware. I am looking for ideas how to resolve this problem, as we do need to be able to update the server. Steve//
ASKED: February 12, 2005  12:28 PM
UPDATED: February 20, 2005  6:57 AM

Answer Wiki

Thanks. We'll let you know when a new response is added.

Firstly it can relate to the software,but also check your ports to see which is open (sometimes spyware programs close some ports),I once noticed this when i added a mail scanner from www.mwti.com (free download).
Also it might highlight thats its through some configuration changes if you downed the server before (as this refreshes the new setting into effect (but resorting to the last known good configuration would be the last on the task).
Your DNS settings would need to be check (on the other hand always keep server configurations readily available and always updated).
Let me think on it i’ll reply later!!!!

Discuss This Question: 12  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Sonotsky
    Just a quick reply (sorry, have little time to elaborate at the moment)... Check the routing table on the Exchange box. You mentioned that you made some DNS changes on your network - perhaps the local routing table is screwed up? Also, clear the local DNS cache and see what happens. Good luck
    695 pointsBadges:
    report
  • Dwiebesick
    I agree, I would run ipconfig /flushdns to clear the local cache. If that did not fix the problem, I would look at the local hosts file to ensure that is ok. I also would check for a bad LSP. This link has the program, just run to ensure it is not broken. http://www.cexx.org/lspfix.htm good luck darrell
    2,235 pointsBadges:
    report
  • Stevesz
    Port 80 is fine. I can get into OWA from bot inside and outside the network with no problem. I ran PORTQRY and NETSTAT as well to double check and do have a number of connectios to OWA open by varioous people both inside and outside the network. As this is the only machine, apparently, on the network that is having the problem, I don't think that DNS is an issue, and it is sending and recieving mail. The sending of mail would not happen without the use of DNS. Double checking again, I find that the DNS servers listed are to our internal DNS, as with all the machines here, and that is forwarded outside should there not be the lookup available locally. I compared a routing table from another machine, and the two match, so it does not seem to be a routing table problem. The machine I used to compare is able to browse the internet. I've run IPCONFIG /FLUSHDNS several time prior, and have done so again today with no positive result with regards to web contact. I have checked the HOSTS file, and it is fine, with only "127.0.0.1 localhost" as the only entry. I ran the LSP program and it comes up clean. I also instlled a copy of FireFox to rule out an IE problem, and it also cannot connect to the internet. Steve//
    2,015 pointsBadges:
    report
  • Guardian
    Its a bit interesting,another area to check is your IIS (Internet Information Services),check with the Default web site port (is it 80) then check your administration web site(which port is reflecting).Remember any changes on these services distort conection to the internet. Here we are all shooting blindly into the dark,but we are just trying to relate to some problems experienced before.Also just trying to eliminate problem areas.Bear with us (down time is a headache) Another point download Exchange All In One tool from www.microsoft.com/downloads (server applications).There are a number of tools their (initial size is 34 MB-when extracted it comes to 94 MB)i guess we all know MS file sizes. Question:Are you browsing from the server or using a workstation to connect through that server (just wanted to confirm)cause ISA can affect this area (but usually for mail). That spam filter what is it filtering? Newton PS:keep us informed
    900 pointsBadges:
    report
  • Stevesz
    I am trying to browse from the server itself. We just use the browser for updates and to visit eventid.net when necessary. I'll check IIS today, but I suspect it is OK as there is no problem using OWA from inside or outside the network. We do not use ISA as we hae a firewall appliance in place. The spam is filtering incoming mail, which is one thing that make this so interesting. Mail flow is fine, browser access to the server is fine, but I cannot get out on the browser, and now, I've noticed, with the auto update portion of the spam filter (GFI Mail Essentials). I spoke with GFI yesterday, and mentioned this, but GFI only monitors the mail flow. We are going to switch NICs in the server today, andif that does not work, I'll remove and reinstall the TCP stack. If successful, we will apply the latest updates to WIN2K while we are at it. We are in the process of building a backup server for Exchange, and, if need be, we'll probably go to that, after we have exhausted every other avenue.
    2,015 pointsBadges:
    report
  • Ghigbee
    Is this machine using some kind of port forwarding rule for the SMTP traffic through the firewall? Are there other specific firewall rules for this machine's IP address? I wonder if traffic other than SMTP is not being NAT'ed through the firewall for this machine.
    0 pointsBadges:
    report
  • Stevesz
    Port 25 is specifically noted in the rules on the firewall appliance, and directed out and in through a specific public IP address, which has a 1 to 1 NAT with the private IP. I'd haev to get into the firewall to grab the specific rule as I don't remember it off the top of my head, but it has worked fine for the past couple of years. When I do a ping, I do see the ping going out, it just never returns. I've also seen DNS lookups when I try a ping by name, and it does return an IP for the name, but the ping does not return. Steve// P.S. We had to put off the switching of the NIC until tomorrow, so I have nothing to report on that front yet.
    2,015 pointsBadges:
    report
  • Guardian
    Firstly is your external address okay? Secondly if you are not using ISA,are you using internet connection sharing.Cause it can work for some time but suddenly it can stop. True the spam software will not download updates.But thats funny (interesting)cause its relating to where the packets are being sent to (replied-that relates to you not receiving you ping reply) Tracert might not help here. TCP will not change that much cause if you check with this ping 127.0.0.1 you should get a reply to show TCP is configured correctly. Also you firewall might be the main reason that you're not getting your replies.Check with event view to see if the has been any rejected formats.Its hardware not software,ISA is software. your NICs maybe but its okay to test. Which class of IP addresses are you using?
    900 pointsBadges:
    report
  • Guardian
    Firstly is your external address okay? Secondly if you are not using ISA,are you using internet connection sharing.Cause it can work for some time but suddenly it can stop. True the spam software will not download updates.But thats funny (interesting)cause its relating to where the packets are being sent to (replied-that relates to you not receiving you ping reply) Tracert might not help here. TCP will not change that much cause if you check with this ping 127.0.0.1 you should get a reply to show TCP is configured correctly. Also you firewall might be the main reason that you're not getting your replies.Check with event view to see if the has been any rejected formats.Its hardware not software,ISA is software. your NICs maybe but its okay to test. Which class of IP addresses are you using? consider gghigbee's question also!! Regards Newton BAckup you mail data base if you are installing a new server (exchange),whilst creating personal folders (it relieves the server)and in case of DRP it helps
    900 pointsBadges:
    report
  • Guardian
    Firstly is your external address okay? Secondly if you are not using ISA,are you using internet connection sharing.Cause it can work for some time but suddenly it can stop. True the spam software will not download updates.But thats funny (interesting)cause its relating to where the packets are being sent to (replied-that relates to you not receiving you ping reply) Tracert might not help here. TCP will not change that much cause if you check with this ping 127.0.0.1 you should get a reply to show TCP is configured correctly. Also you firewall might be the main reason that you're not getting your replies.Check with event view to see if the has been any rejected formats.Its hardware not software,ISA is software. your NICs maybe but its okay to test. Which class of IP addresses are you using? consider gghigbee's question also!! Regards Newton BAckup you mail data base if you are installing a new server (exchange),whilst creating personal folders (it relieves the server)and in case of DRP it helps. Use that Exchange all in one tool for replication onto the new server.
    900 pointsBadges:
    report
  • Stevesz
    Problem resolved. We switched NICs in the server (already had the 2nd one in there), and retained the private IP, moving it from the old NIC to the new one. Tried to communicate on the new IP on the old NIC with the same results we had been having throughout this. The new NIC was no better. Removed the TCP stack and reinstalled with no better results. Went back to the firewall. Still seeing packets going out but not being returned. Removed the HTTP Proxy, and no one is getting out. Reinstalled the HTTP Proxy, and problem resolved. Since the Proxy was set up in the same way as it ws prior to its removal, it may have become corrupt somehow, and reinstalling it removed the corruption. Funky thing was that this was the only machine affected. However, it was the only machine NATted in the proxy for access to the OWA for users outside the office. I do intend to speak to the vendor about this to try to determine exactly what had gone wrong here, and if it may be avoided in the future. Thanks for all the help on this--it was just too weird.
    2,015 pointsBadges:
    report
  • Guardian
    Nice to hear that!!!! I had one of my MS Exchange server services go corrupt and the last resort was to reinstall. Thanks for the update Newton
    900 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following