Internet Access Problems from NT Workstation

Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.setup (More info?)

I've recently begun having problems with one of the NT computers on our
network accessing the internet. This is a Windows 2003 server network and
this one NT workstation sometimes can get on the internet and sometimes it
can't. It seems random when it can't. We use Microsoft Firewall Client
with ISA 2000 and when it doesn't work it's saying it can't connect to the
ISA server. I don't believe it's a network problem, because it can still
consistently connect to the network when it can't get to the internet. If I
reinstall the Firewall Client, it works for awhile, but then it randomly
stops again. It will also randomly start working again without any
intervention on my part. Other NT workstations in our office have not
exhibited this problem to my knowledge; neither have our 2000 or XP
stations.
Any other clues as to what I could look for for what's causing this problem?
Thanks!
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.setup (More info?)

No this station is unique in terms of the software that is on it (not
software that should affect internet access). I do not have a way to
re-image it.

"Jetro" <jetro@internet.net> wrote in message
news:uycjCTPZEHA.2944@TK2MSFTNGP11.phx.gbl...
> Can you just re-image the station?
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.setup (More info?)

Take a look if it applies in your situation:

http://support.microsoft.com/?kbid=303379
Firewall client conflict with third-party layered service providers causes
connectivity problems

chkwsp32.exe is a Client diag utility, sporder.exe is a part of Platform
SDK.
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.setup (More info?)

Thanks very much, but this doesn't appear to be the problem. I may still
try the chkwsp32.exe to see what it says, but meanwhile, here's another
related question:
Whenever IE on the computer attempts unsuccessfully to connect to the
internet through our firewall, it first says Connecting to site 10.0.0.140
in the status bar, just before failing. The problem here is that I have no
idea what 10.0.0.140 is on our network. I can ping it, but it doesn't
return any name other than the IP address, it's not in our DHCP address
lease set and is therefore not assigned to any computer. Our firewall
router is not that that address, nor are any of our printers that I can see.
Is there any way of tracking down what this IP could be that her IE would be
trying to reach it all the time?

"Jetro" <jetro@internet.net> wrote in message
news:e%23lJ2wPZEHA.136@TK2MSFTNGP11.phx.gbl...
> Take a look if it applies in your situation:
>
> http://support.microsoft.com/?kbid=303379
> Firewall client conflict with third-party layered service providers causes
> connectivity problems
>
> chkwsp32.exe is a Client diag utility, sporder.exe is a part of Platform
> SDK.
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.setup (More info?)

I'd look into DNS server records and ISA scopes. Besides you can get MAC
address from the ARP cache.
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.setup (More info?)

I'm very sorry, but you lost me here...where exactly would I look at these?
I mean, I know how to get into the DNS manager and ISA management, and I
know where some of the ISA logs are, but none that refer to this IP address.
Also, how would I get the MAC address from the ARP and how would the MAC
address indicate to me what machine this is? I'm sorry for the 20
questions, but some of this is new to me. I greatly appreciate your
assistance, thanks!

"Jetro" <jetro@internet.net> wrote in message
news:e$AjyIcZEHA.136@TK2MSFTNGP11.phx.gbl...
> I'd look into DNS server records and ISA scopes. Besides you can get MAC
> address from the ARP cache.
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.setup (More info?)

Jenna,

If you can ping a private IP, most probably this IP is somewhere within your
local network segment. If the network is multi-segmented and the routers
pass the ICMP echoes, the host in question can be anywhere in this network
unless the IP is spoofed.
Address Resolution Protocol aka ARP builds and modifies the IP-to-Physical
address translation tables on every Ethernet host by its nature - actual
network communication involves physical addresses aka MACs. ARP table is
dynamic. Clear the ARP cache as 'arp -d', ping this phantom IP, and call ARP
table as 'arp -g'. The MAC address you'd get belongs either to the host
itself or to the default gateway. If the latter, the troubleshooting would
be more complicated (it may involve W2k/Xp and pathping), so I bet it would
be the NT host which bothered you :eek:) Having MAC handy you can locate the
physical host and nail it down.
Sure you can use Network Monitor or any sniffer at your will if you want GUI
and mouse...

DNS records: you can find them in both Forward and Reverse Lookup zones AND
in the local %systemroot%\system32\drivers\etc\hosts file.
Unfortunately, I don't have ISA server around, so you would dig in the ISA
Help yourself for a while.
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.setup (More info?)

Ahh, it's narrowing down...I found it in DNS...it appears to be related to
our VPN which was recently set up...I will have to check in with the guy who
helped me with that and that should clear it up, I hope.
Thanks so much for your help!

"Jetro" <jetro@internet.net> wrote in message
news:Ow3a1ydZEHA.3132@TK2MSFTNGP10.phx.gbl...
> Jenna,
>
> If you can ping a private IP, most probably this IP is somewhere within
your
> local network segment. If the network is multi-segmented and the routers
> pass the ICMP echoes, the host in question can be anywhere in this network
> unless the IP is spoofed.
> Address Resolution Protocol aka ARP builds and modifies the IP-to-Physical
> address translation tables on every Ethernet host by its nature - actual
> network communication involves physical addresses aka MACs. ARP table is
> dynamic. Clear the ARP cache as 'arp -d', ping this phantom IP, and call
ARP
> table as 'arp -g'. The MAC address you'd get belongs either to the host
> itself or to the default gateway. If the latter, the troubleshooting would
> be more complicated (it may involve W2k/Xp and pathping), so I bet it
would
> be the NT host which bothered you :eek:) Having MAC handy you can locate the
> physical host and nail it down.
> Sure you can use Network Monitor or any sniffer at your will if you want
GUI
> and mouse...
>
> DNS records: you can find them in both Forward and Reverse Lookup zones
AND
> in the local %systemroot%\system32\drivers\etc\hosts file.
> Unfortunately, I don't have ISA server around, so you would dig in the ISA
> Help yourself for a while.
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.setup (More info?)

My, we're learning together... Glad you found it yourself. Now it's easy -
misconfigured VPN server registers all its IPs in the DNS and client's query
arrives to the wrong IP.

Please read http://support.microsoft.com/default.aspx?scid=kb;EN-US;292822
Name resolution and connectivity issues on a Routing and Remote Access
Server that also runs DNS or WINS
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.setup (More info?)

Thanks so much...this sounds exactly right!
I'll take a look at it and let my consultant know about this article, too,
as he clearly either forgot to do this in setup, or was not aware of the
potential issue.
Thanks!

"Jetro" <ik9480@spam.rogers.com> wrote in message
news:%23jR$uteZEHA.2260@TK2MSFTNGP12.phx.gbl...
> My, we're learning together... Glad you found it yourself. Now it's easy -
> misconfigured VPN server registers all its IPs in the DNS and client's
query
> arrives to the wrong IP.
>
> Please read http://support.microsoft.com/default.aspx?scid=kb;EN-US;292822
> Name resolution and connectivity issues on a Routing and Remote Access
> Server that also runs DNS or WINS
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.setup (More info?)

All right, I did the stuff in the article and it worked like a
charm...allowed my troubled user back on the internet and even stopped
browser errors I was getting on the server.
Now for one more question...I don't know if it's related, but soon after a
couple of my other NT 4.0 users are having trouble with Outlook. It
initially says it can't connect to the server and after a period of time it
is able to. I have tracked this down to the Computer Browser service which
is just taking a while to start up (about 5 minutes). Once it starts,
Outlook is fine...however, at least one of the users doesn't sound like
he'll stand for the wait...and I can understand the frustration. Could this
delay in the Computer Browser service starting be related to the changes I
made per that article to get the other user on the internet?

"Jenna" <stilesj AT nospam DOT com> wrote in message
news:OJgNgjfZEHA.2516@TK2MSFTNGP10.phx.gbl...
> Thanks so much...this sounds exactly right!
> I'll take a look at it and let my consultant know about this article, too,
> as he clearly either forgot to do this in setup, or was not aware of the
> potential issue.
> Thanks!
>
> "Jetro" <ik9480@spam.rogers.com> wrote in message
> news:%23jR$uteZEHA.2260@TK2MSFTNGP12.phx.gbl...
> > My, we're learning together... Glad you found it yourself. Now it's
easy -
> > misconfigured VPN server registers all its IPs in the DNS and client's
> query
> > arrives to the wrong IP.
> >
> > Please read
http://support.microsoft.com/default.aspx?scid=kb;EN-US;292822
> > Name resolution and connectivity issues on a Routing and Remote Access
> > Server that also runs DNS or WINS
> >
> >
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.setup (More info?)

Sounds like NetBIOS problems. Never seen long delays as such in Computer
Browser.
How does the CB start if you'd disconnect from the network and logon
locally?
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.setup (More info?)

I'll look into that and try the offline thing.

"Jetro" <jetro@internet.net> wrote in message
news:eZVcCGBcEHA.3664@TK2MSFTNGP12.phx.gbl...
> Sounds like NetBIOS problems. Never seen long delays as such in Computer
> Browser.
> How does the CB start if you'd disconnect from the network and logon
> locally?
>
>
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom