IE Routing Problem

Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

After booting their machines, users on our network can open Internet
Explorer and browse. After a few minutes, of browsing, however, they get
the "Can't find page..." screen. When tested from each user's machine,
Pinging/Tracing works fine, whether going by IP address or domain name (for
that matter, Outlook Express, which is pointing to a public news server,
always works fine too). Our small network is a Win2000 Domain, with the
Domain Server also serving as the DNS Server for the local machines.

Can anybody give me some guidance in how to troubleshoot this issue? Since
packets seem to be getting routed properly (pinging.tracing works fine), I
am at a loss as to where to look for further info on this problem.

Thanks for any help!

Dan
36 answers Last reply
More about routing problem
  1. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:SGfNc.40$2w2.86014@news.uswest.net,
    DDJ <johnson@milehi.com> posted a question
    Then Kevin replied below:
    > After booting their machines, users on our network can
    > open Internet Explorer and browse. After a few minutes,
    > of browsing, however, they get the "Can't find page..."
    > screen. When tested from each user's machine,
    > Pinging/Tracing works fine, whether going by IP address
    > or domain name (for that matter, Outlook Express, which
    > is pointing to a public news server, always works fine
    > too). Our small network is a Win2000 Domain, with the
    > Domain Server also serving as the DNS Server for the
    > local machines.
    >
    > Can anybody give me some guidance in how to troubleshoot
    > this issue? Since packets seem to be getting routed
    > properly (pinging.tracing works fine), I am at a loss as
    > to where to look for further info on this problem.

    Are your clients using only the DC for DNS?

    An ipconfig /all could be of help.


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ============================
    --
    When responding to posts, please "Reply to Group" via your
    newsreader so that others may learn and benefit from your
    issue. To respond directly to me remove the nospam. from my
    email. ==========================================
    http://www.lonestaramerica.com/
    ==========================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ==========================================
    Keep a back up of your OE settings and folders with
    OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ==========================================
  2. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    Yes, they are using only the DC. I checked that...all values are correct
    and consistent with the settings that have always been in place. That's why
    I am thinking (along with the fact that all other routing using ping, etc
    seems to be working) that this must have something to do with DNS settings
    at the server level???


    "Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
    news:eKdiBU2cEHA.2236@TK2MSFTNGP10.phx.gbl...
    > In news:SGfNc.40$2w2.86014@news.uswest.net,
    > DDJ <johnson@milehi.com> posted a question
    > Then Kevin replied below:
    > > After booting their machines, users on our network can
    > > open Internet Explorer and browse. After a few minutes,
    > > of browsing, however, they get the "Can't find page..."
    > > screen. When tested from each user's machine,
    > > Pinging/Tracing works fine, whether going by IP address
    > > or domain name (for that matter, Outlook Express, which
    > > is pointing to a public news server, always works fine
    > > too). Our small network is a Win2000 Domain, with the
    > > Domain Server also serving as the DNS Server for the
    > > local machines.
    > >
    > > Can anybody give me some guidance in how to troubleshoot
    > > this issue? Since packets seem to be getting routed
    > > properly (pinging.tracing works fine), I am at a loss as
    > > to where to look for further info on this problem.
    >
    > Are your clients using only the DC for DNS?
    >
    > An ipconfig /all could be of help.
    >
    >
    >
    > --
    > Best regards,
    > Kevin D4 Dad Goodknecht Sr. [MVP]
    > Hope This Helps
    > ============================
    > --
    > When responding to posts, please "Reply to Group" via your
    > newsreader so that others may learn and benefit from your
    > issue. To respond directly to me remove the nospam. from my
    > email. ==========================================
    > http://www.lonestaramerica.com/
    > ==========================================
    > Use Outlook Express?... Get OE_Quotefix:
    > It will strip signature out and more
    > http://home.in.tum.de/~jain/software/oe-quotefix/
    > ==========================================
    > Keep a back up of your OE settings and folders with
    > OEBackup:
    > http://www.oehelp.com/OEBackup/Default.aspx
    > ==========================================
    >
    >
  3. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:_rkNc.70$2w2.136612@news.uswest.net,
    DDJ <johnson@milehi.com> posted a question
    Then Kevin replied below:
    > Yes, they are using only the DC. I checked that...all
    > values are correct and consistent with the settings that
    > have always been in place. That's why I am thinking
    > (along with the fact that all other routing using ping,
    > etc seems to be working) that this must have something to
    > do with DNS settings at the server level???

    I don't know I cannot see how DNS is configured, you don't say if DNS
    resolves with nslookup, dig or netdig.
    You didn't say what it has configured as its forwarder, if any. Where is the
    ipconfig /all I asked for?
    I don't have a clue and you haven't given one, other that it just quits
    browsing. That can cover a lot of ground, I don't know if it is DNS or not I
    have not ruled it out, yet. But, from what I've gather so for it is not DNS,
    unless it is stuck in a forwarding loop. Does it forward to the router?
    What does the router forward to?


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ============================
    --
    When responding to posts, please "Reply to Group" via your
    newsreader so that others may learn and benefit from your
    issue. To respond directly to me remove the nospam. from my
    email. ==========================================
    http://www.lonestaramerica.com/
    ==========================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ==========================================
    Keep a back up of your OE settings and folders with
    OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ==========================================
  4. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    Let me try to answer your questions as follows:

    No problem getting the IP address for various public domains using nslookup.
    As mentioned previously, ping, traceit, etc. all seem to have no problems
    from the effected machines...we just can't browse after a few minutes.

    Don't know what dig or netdig is.

    Here is the results from an ipconfig /all on one of the boxes that isn't
    working:

    Windows 2000 IP Configuration

    Host Name . . . . . . . . . . . . : mybox
    Primary DNS Suffix . . . . . . . : DDJ.local
    Node Type . . . . . . . . . . . . : Broadcast
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : DDJ.local

    Ethernet adapter Local Area Connection:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Realtek RTL8139(Ethernet
    Adapter)
    Physical Address. . . . . . . . . : 00-E0-18-CE-AD-2
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.168.186
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.168.1
    DNS Servers . . . . . . . . . . . : 192.168.168.187

    Basic configuration:

    Each box is pointed to a firewall as the gateway (192.168.168.1) and to the
    DC as the DNS Server (192.168.168.187). The DC points to the ISP-provided
    two DNS servers. The common firewall gateway (192.168.168.1) forwards to
    the router (192.168.168.2) which forwards to the ISP's router.

    Please let me know if this isn't what you were looking for. Thanks for your
    persistence!

    Dan

    "Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
    news:OkaoLM5cEHA.3944@tk2msftngp13.phx.gbl...
    > In news:_rkNc.70$2w2.136612@news.uswest.net,
    > DDJ <johnson@milehi.com> posted a question
    > Then Kevin replied below:
    > > Yes, they are using only the DC. I checked that...all
    > > values are correct and consistent with the settings that
    > > have always been in place. That's why I am thinking
    > > (along with the fact that all other routing using ping,
    > > etc seems to be working) that this must have something to
    > > do with DNS settings at the server level???
    >
    > I don't know I cannot see how DNS is configured, you don't say if DNS
    > resolves with nslookup, dig or netdig.
    > You didn't say what it has configured as its forwarder, if any. Where is
    the
    > ipconfig /all I asked for?
    > I don't have a clue and you haven't given one, other that it just quits
    > browsing. That can cover a lot of ground, I don't know if it is DNS or not
    I
    > have not ruled it out, yet. But, from what I've gather so for it is not
    DNS,
    > unless it is stuck in a forwarding loop. Does it forward to the router?
    > What does the router forward to?
    >
    >
    >
    > --
    > Best regards,
    > Kevin D4 Dad Goodknecht Sr. [MVP]
    > Hope This Helps
    > ============================
    > --
    > When responding to posts, please "Reply to Group" via your
    > newsreader so that others may learn and benefit from your
    > issue. To respond directly to me remove the nospam. from my
    > email. ==========================================
    > http://www.lonestaramerica.com/
    > ==========================================
    > Use Outlook Express?... Get OE_Quotefix:
    > It will strip signature out and more
    > http://home.in.tum.de/~jain/software/oe-quotefix/
    > ==========================================
    > Keep a back up of your OE settings and folders with
    > OEBackup:
    > http://www.oehelp.com/OEBackup/Default.aspx
    > ==========================================
    >
    >
    >
  5. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:NnBNc.61$%O5.7547@news.uswest.net,
    DDJ <johnson@milehi.com> posted a question
    Then Kevin replied below:
    > Let me try to answer your questions as follows:
    >
    > No problem getting the IP address for various public
    > domains using nslookup. As mentioned previously, ping,
    > traceit, etc. all seem to have no problems from the
    > effected machines...we just can't browse after a few
    > minutes.
    >
    > Don't know what dig or netdig is.
    >
    > Here is the results from an ipconfig /all on one of the
    > boxes that isn't working:
    >
    > Windows 2000 IP Configuration
    >
    > Host Name . . . . . . . . . . . . : mybox
    > Primary DNS Suffix . . . . . . . : DDJ.local
    > Node Type . . . . . . . . . . . . : Broadcast
    > IP Routing Enabled. . . . . . . . : No
    > WINS Proxy Enabled. . . . . . . . : No
    > DNS Suffix Search List. . . . . . : DDJ.local
    >
    > Ethernet adapter Local Area Connection:
    >
    > Connection-specific DNS Suffix . :
    > Description . . . . . . . . . . . : Realtek
    > RTL8139(Ethernet Adapter)
    > Physical Address. . . . . . . . . :
    > 00-E0-18-CE-AD-2 DHCP Enabled. . . . . . . . . .
    > . : No IP Address. . . . . . . . . . . . :
    > 192.168.168.186 Subnet Mask . . . . . . . . . . .
    > : 255.255.255.0 Default Gateway . . . . . . . . .
    > : 192.168.168.1 DNS Servers . . . . . . . . . . .
    > : 192.168.168.187
    >
    > Basic configuration:
    >
    > Each box is pointed to a firewall as the gateway
    > (192.168.168.1) and to the DC as the DNS Server
    > (192.168.168.187). The DC points to the ISP-provided two
    > DNS servers. The common firewall gateway (192.168.168.1)
    > forwards to the router (192.168.168.2) which forwards to
    > the ISP's router.

    Let me get this straight, the DC is pointing to your ISP's DNS in its NIC?

    Major problem, you cannot use any DNS other than the DNS server that has the
    AD domain zone in any position on any domain member . The DC is a member,
    too. Remove the ISP's DNS from the NIC and configuire them only as
    forwarders in the DNS service properties.


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ============================
    --
    When responding to posts, please "Reply to Group" via your
    newsreader so that others may learn and benefit from your
    issue. To respond directly to me remove the nospam. from my
    email. ==========================================
    http://www.lonestaramerica.com/
    ==========================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ==========================================
    Keep a back up of your OE settings and folders with
    OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ==========================================
  6. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    OK. I removed the ISP's DNS from the NIC (and replaced with the IP of the
    DC, which is the DNS Server for the domain). Also, I checked DNS service
    properties and the ISP's DNS are listed there as forwarders (didn't need to
    change).

    However, this didn't solve the problem from the other boxes on the network.
    Any other thoughts? Or do you need some other info?

    Thanks!

    Dan

    "Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
    news:OtEC8XDdEHA.3864@TK2MSFTNGP10.phx.gbl...
    > In news:NnBNc.61$%O5.7547@news.uswest.net,
    > DDJ <johnson@milehi.com> posted a question
    > Then Kevin replied below:
    > > Let me try to answer your questions as follows:
    > >
    > > No problem getting the IP address for various public
    > > domains using nslookup. As mentioned previously, ping,
    > > traceit, etc. all seem to have no problems from the
    > > effected machines...we just can't browse after a few
    > > minutes.
    > >
    > > Don't know what dig or netdig is.
    > >
    > > Here is the results from an ipconfig /all on one of the
    > > boxes that isn't working:
    > >
    > > Windows 2000 IP Configuration
    > >
    > > Host Name . . . . . . . . . . . . : mybox
    > > Primary DNS Suffix . . . . . . . : DDJ.local
    > > Node Type . . . . . . . . . . . . : Broadcast
    > > IP Routing Enabled. . . . . . . . : No
    > > WINS Proxy Enabled. . . . . . . . : No
    > > DNS Suffix Search List. . . . . . : DDJ.local
    > >
    > > Ethernet adapter Local Area Connection:
    > >
    > > Connection-specific DNS Suffix . :
    > > Description . . . . . . . . . . . : Realtek
    > > RTL8139(Ethernet Adapter)
    > > Physical Address. . . . . . . . . :
    > > 00-E0-18-CE-AD-2 DHCP Enabled. . . . . . . . . .
    > > . : No IP Address. . . . . . . . . . . . :
    > > 192.168.168.186 Subnet Mask . . . . . . . . . . .
    > > : 255.255.255.0 Default Gateway . . . . . . . . .
    > > : 192.168.168.1 DNS Servers . . . . . . . . . . .
    > > : 192.168.168.187
    > >
    > > Basic configuration:
    > >
    > > Each box is pointed to a firewall as the gateway
    > > (192.168.168.1) and to the DC as the DNS Server
    > > (192.168.168.187). The DC points to the ISP-provided two
    > > DNS servers. The common firewall gateway (192.168.168.1)
    > > forwards to the router (192.168.168.2) which forwards to
    > > the ISP's router.
    >
    > Let me get this straight, the DC is pointing to your ISP's DNS in its NIC?
    >
    > Major problem, you cannot use any DNS other than the DNS server that has
    the
    > AD domain zone in any position on any domain member . The DC is a member,
    > too. Remove the ISP's DNS from the NIC and configuire them only as
    > forwarders in the DNS service properties.
    >
    >
    >
    >
    > --
    > Best regards,
    > Kevin D4 Dad Goodknecht Sr. [MVP]
    > Hope This Helps
    > ============================
    > --
    > When responding to posts, please "Reply to Group" via your
    > newsreader so that others may learn and benefit from your
    > issue. To respond directly to me remove the nospam. from my
    > email. ==========================================
    > http://www.lonestaramerica.com/
    > ==========================================
    > Use Outlook Express?... Get OE_Quotefix:
    > It will strip signature out and more
    > http://home.in.tum.de/~jain/software/oe-quotefix/
    > ==========================================
    > Keep a back up of your OE settings and folders with
    > OEBackup:
    > http://www.oehelp.com/OEBackup/Default.aspx
    > ==========================================
    >
    >
    >
  7. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:OtEC8XDdEHA.3864@TK2MSFTNGP10.phx.gbl,
    Kevin D. Goodknecht Sr. [MVP] <admin@nospam.WFTX.US> asked for help and I
    offered my suggestions below:
    <snip>
    >> Basic configuration:
    >>
    >> Each box is pointed to a firewall as the gateway
    >> (192.168.168.1) and to the DC as the DNS Server
    >> (192.168.168.187). The DC points to the ISP-provided two
    >> DNS servers. The common firewall gateway (192.168.168.1)
    >> forwards to the router (192.168.168.2) which forwards to
    >> the ISP's router.
    >
    > Let me get this straight, the DC is pointing to your ISP's DNS in its
    > NIC?
    >
    > Major problem, you cannot use any DNS other than the DNS server that
    > has the AD domain zone in any position on any domain member . The DC
    > is a member, too. Remove the ISP's DNS from the NIC and configuire
    > them only as forwarders in the DNS service properties.

    Do you think he means "forwarded" to the ISP's DNS, and that the DCs are
    actually only pointing to themselves for DNS (as required)?

    If so, this might be an MTU issue or a firewall issue. Curious what rules
    are in there? I'm not sure how the firewall which has a 192.168.168.1
    address with the other NIC on the same segment, unless he's using OpenBSD
    firewall in bridge mode where the packets are just arped across the
    interfaces. I had that setup once before and works nicely, but never had any
    issues with browser or name resolution. Maybe even its just that UDP 53 is
    blocked.


    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  8. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:bXENc.93$%O5.9427@news.uswest.net,
    DDJ <johnson@milehi.com> asked for help and I offered my suggestions below:
    > OK. I removed the ISP's DNS from the NIC (and replaced with the IP
    > of the DC, which is the DNS Server for the domain). Also, I checked
    > DNS service properties and the ISP's DNS are listed there as
    > forwarders (didn't need to change).
    >
    > However, this didn't solve the problem from the other boxes on the
    > network. Any other thoughts? Or do you need some other info?
    >
    > Thanks!
    >
    > Dan
    >

    If I may jump in, after you removed the ISP's DNS, I assume that the client
    machines do not have the ISP's DNS in there as well and they were removed?

    After you changed that on the DC/DNS, restart the DNS service, then run a
    netdiag /v /fix. Then goto one of the machines on your domain, provided that
    the ISPs addresses have been removed, and clear the client side cache with
    an:
    ipconfig /flushdns

    Then open a new browser and try it again.

    Also, let us know if you can ping www.yahoo.com.
    Also, run nslookup for us:

    nslookup (hit enter)
    > aol.com
    (results show up here)

    then try:

    > yahoo.com
    (results show up here)


    Then I would like you to try one more thing:

    nslookup (hit enter)
    > set vc (hit enter)
    > aol.com (hit enter)
    (results show up here)

    then

    > yahoo.com (hit enter)
    (results show up here)

    Then paste the results for us please.

    Thanks

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  9. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    The client machines did NOT have the ISP's DNS listed (they are all pointed
    to the DC for DNS)

    I restarted DNS on the DC, ran netdiag /v /fix, went to one of the machines
    on the domain that wasn't working and ran ipconfig /flushdns. Opened a
    browser, still didn't work.

    See below for the info you requested...let me know if this isn't what you
    wanted.

    C:\>ping www.yahoo.com

    Pinging www.yahoo.akadns.net [66.94.230.52] with 32 bytes of data:

    Reply from 66.94.230.52: bytes=32 time=110ms TTL=51
    Reply from 66.94.230.52: bytes=32 time=100ms TTL=51
    Reply from 66.94.230.52: bytes=32 time=100ms TTL=51
    Reply from 66.94.230.52: bytes=32 time=100ms TTL=51

    Ping statistics for 66.94.230.52:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 100ms, Maximum = 110ms, Average = 102ms

    C:\>nslookup
    *** Can't find server name for address 192.168.168.187: Non-existent domain
    *** Default servers are not available
    Default Server: UnKnown
    Address: 192.168.168.187

    > aol.com
    Server: UnKnown
    Address: 192.168.168.187

    Non-authoritative answer:
    Name: aol.com
    Addresses: 149.174.130.216, 205.188.145.213, 64.12.187.24

    > yahoo.com
    Server: UnKnown
    Address: 192.168.168.187

    Non-authoritative answer:
    Name: yahoo.com
    Addresses: 216.109.124.73, 66.94.234.13, 66.94.231.98, 66.94.231.99
    216.109.124.72

    > nslookup
    Server: UnKnown
    Address: 192.168.168.187

    *** UnKnown can't find nslookup: Non-existent domain
    > set vc
    > aol.com
    Server: UnKnown
    Address: 192.168.168.187

    Non-authoritative answer:
    Name: aol.com
    Addresses: 149.174.130.216, 205.188.145.213, 64.12.187.24

    > yahoo.com
    Server: UnKnown
    Address: 192.168.168.187

    Non-authoritative answer:
    Name: yahoo.com
    Addresses: 216.109.124.73, 66.94.234.13, 66.94.231.98, 66.94.231.99
    216.109.124.72

    >

    "Ace Fekay [MVP]"
    <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
    message news:e49yXgFdEHA.3892@TK2MSFTNGP11.phx.gbl...
    > In news:bXENc.93$%O5.9427@news.uswest.net,
    > DDJ <johnson@milehi.com> asked for help and I offered my suggestions
    below:
    > > OK. I removed the ISP's DNS from the NIC (and replaced with the IP
    > > of the DC, which is the DNS Server for the domain). Also, I checked
    > > DNS service properties and the ISP's DNS are listed there as
    > > forwarders (didn't need to change).
    > >
    > > However, this didn't solve the problem from the other boxes on the
    > > network. Any other thoughts? Or do you need some other info?
    > >
    > > Thanks!
    > >
    > > Dan
    > >
    >
    > If I may jump in, after you removed the ISP's DNS, I assume that the
    client
    > machines do not have the ISP's DNS in there as well and they were removed?
    >
    > After you changed that on the DC/DNS, restart the DNS service, then run a
    > netdiag /v /fix. Then goto one of the machines on your domain, provided
    that
    > the ISPs addresses have been removed, and clear the client side cache with
    > an:
    > ipconfig /flushdns
    >
    > Then open a new browser and try it again.
    >
    > Also, let us know if you can ping www.yahoo.com.
    > Also, run nslookup for us:
    >
    > nslookup (hit enter)
    > > aol.com
    > (results show up here)
    >
    > then try:
    >
    > > yahoo.com
    > (results show up here)
    >
    >
    >
    > Then I would like you to try one more thing:
    >
    > nslookup (hit enter)
    > > set vc (hit enter)
    > > aol.com (hit enter)
    > (results show up here)
    >
    > then
    >
    > > yahoo.com (hit enter)
    > (results show up here)
    >
    > Then paste the results for us please.
    >
    > Thanks
    >
    > --
    > Regards,
    > Ace
    >
    > Please direct all replies ONLY to the Microsoft public newsgroups
    > so all can benefit.
    >
    > This posting is provided "AS-IS" with no warranties or guarantees
    > and confers no rights.
    >
    > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > Microsoft Windows MVP - Windows Server - Directory Services
    >
    > Security Is Like An Onion, It Has Layers
    > HAM AND EGGS: A day's work for a chicken;
    > A lifetime commitment for a pig.
    > --
    > =================================
    >
    >
  10. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    Also, FYI...

    I was wondering about the response after entering nslookup, then Enter, so I
    rebooted the client box and ran the same command again and got the following
    response:

    C:\>nslookup
    DNS request timed out.
    timeout was 2 seconds.
    *** Can't find server name for address 192.168.168.187: Timed out
    *** Default servers are not available
    Default Server: UnKnown
    Address: 192.168.168.187

    Since 192.168.168.187 is the DC and DNS Server, I know this means something
    is wrong, but not what is wrong. Does this help in your analysis?
    (interestingly, when I opened the browser after writing the above, it worked
    fine the 1st, 2nd and 3rd time I opened it, but then failed on the 4th try).

    Thanks!

    "DDJ" <johnson@milehi.com> wrote in message
    news:AMONc.1418$qo6.948@news.uswest.net...
    > The client machines did NOT have the ISP's DNS listed (they are all
    pointed
    > to the DC for DNS)
    >
    > I restarted DNS on the DC, ran netdiag /v /fix, went to one of the
    machines
    > on the domain that wasn't working and ran ipconfig /flushdns. Opened a
    > browser, still didn't work.
    >
    > See below for the info you requested...let me know if this isn't what you
    > wanted.
    >
    > C:\>ping www.yahoo.com
    >
    > Pinging www.yahoo.akadns.net [66.94.230.52] with 32 bytes of data:
    >
    > Reply from 66.94.230.52: bytes=32 time=110ms TTL=51
    > Reply from 66.94.230.52: bytes=32 time=100ms TTL=51
    > Reply from 66.94.230.52: bytes=32 time=100ms TTL=51
    > Reply from 66.94.230.52: bytes=32 time=100ms TTL=51
    >
    > Ping statistics for 66.94.230.52:
    > Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    > Approximate round trip times in milli-seconds:
    > Minimum = 100ms, Maximum = 110ms, Average = 102ms
    >
    > C:\>nslookup
    > *** Can't find server name for address 192.168.168.187: Non-existent
    domain
    > *** Default servers are not available
    > Default Server: UnKnown
    > Address: 192.168.168.187
    >
    > > aol.com
    > Server: UnKnown
    > Address: 192.168.168.187
    >
    > Non-authoritative answer:
    > Name: aol.com
    > Addresses: 149.174.130.216, 205.188.145.213, 64.12.187.24
    >
    > > yahoo.com
    > Server: UnKnown
    > Address: 192.168.168.187
    >
    > Non-authoritative answer:
    > Name: yahoo.com
    > Addresses: 216.109.124.73, 66.94.234.13, 66.94.231.98, 66.94.231.99
    > 216.109.124.72
    >
    > > nslookup
    > Server: UnKnown
    > Address: 192.168.168.187
    >
    > *** UnKnown can't find nslookup: Non-existent domain
    > > set vc
    > > aol.com
    > Server: UnKnown
    > Address: 192.168.168.187
    >
    > Non-authoritative answer:
    > Name: aol.com
    > Addresses: 149.174.130.216, 205.188.145.213, 64.12.187.24
    >
    > > yahoo.com
    > Server: UnKnown
    > Address: 192.168.168.187
    >
    > Non-authoritative answer:
    > Name: yahoo.com
    > Addresses: 216.109.124.73, 66.94.234.13, 66.94.231.98, 66.94.231.99
    > 216.109.124.72
    >
    > >
    >
    > "Ace Fekay [MVP]"
    > <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
    > message news:e49yXgFdEHA.3892@TK2MSFTNGP11.phx.gbl...
    > > In news:bXENc.93$%O5.9427@news.uswest.net,
    > > DDJ <johnson@milehi.com> asked for help and I offered my suggestions
    > below:
    > > > OK. I removed the ISP's DNS from the NIC (and replaced with the IP
    > > > of the DC, which is the DNS Server for the domain). Also, I checked
    > > > DNS service properties and the ISP's DNS are listed there as
    > > > forwarders (didn't need to change).
    > > >
    > > > However, this didn't solve the problem from the other boxes on the
    > > > network. Any other thoughts? Or do you need some other info?
    > > >
    > > > Thanks!
    > > >
    > > > Dan
    > > >
    > >
    > > If I may jump in, after you removed the ISP's DNS, I assume that the
    > client
    > > machines do not have the ISP's DNS in there as well and they were
    removed?
    > >
    > > After you changed that on the DC/DNS, restart the DNS service, then run
    a
    > > netdiag /v /fix. Then goto one of the machines on your domain, provided
    > that
    > > the ISPs addresses have been removed, and clear the client side cache
    with
    > > an:
    > > ipconfig /flushdns
    > >
    > > Then open a new browser and try it again.
    > >
    > > Also, let us know if you can ping www.yahoo.com.
    > > Also, run nslookup for us:
    > >
    > > nslookup (hit enter)
    > > > aol.com
    > > (results show up here)
    > >
    > > then try:
    > >
    > > > yahoo.com
    > > (results show up here)
    > >
    > >
    > >
    > > Then I would like you to try one more thing:
    > >
    > > nslookup (hit enter)
    > > > set vc (hit enter)
    > > > aol.com (hit enter)
    > > (results show up here)
    > >
    > > then
    > >
    > > > yahoo.com (hit enter)
    > > (results show up here)
    > >
    > > Then paste the results for us please.
    > >
    > > Thanks
    > >
    > > --
    > > Regards,
    > > Ace
    > >
    > > Please direct all replies ONLY to the Microsoft public newsgroups
    > > so all can benefit.
    > >
    > > This posting is provided "AS-IS" with no warranties or guarantees
    > > and confers no rights.
    > >
    > > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > > Microsoft Windows MVP - Windows Server - Directory Services
    > >
    > > Security Is Like An Onion, It Has Layers
    > > HAM AND EGGS: A day's work for a chicken;
    > > A lifetime commitment for a pig.
    > > --
    > > =================================
    > >
    > >
    >
    >
    >
  11. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    "DDJ" <johnson@milehi.com> wrote in message
    news:OZONc.1421$qo6.1191@news.uswest.net...
    > Also, FYI...
    >
    > I was wondering about the response after entering nslookup, then Enter, so
    I
    > rebooted the client box and ran the same command again and got the
    following
    > response:
    >
    > C:\>nslookup
    > DNS request timed out.
    > timeout was 2 seconds.
    > *** Can't find server name for address 192.168.168.187: Timed out
    > *** Default servers are not available
    > Default Server: UnKnown
    > Address: 192.168.168.187
    >
    > Since 192.168.168.187 is the DC and DNS Server, I know this means
    something
    > is wrong, but not what is wrong. Does this help in your analysis?
    > (interestingly, when I opened the browser after writing the above, it
    worked
    > fine the 1st, 2nd and 3rd time I opened it, but then failed on the 4th
    try).
    >
    > Thanks!
    >

    Thanks for posting this information.

    The time outs or domain not found message with nslookup is just saying you
    either don't have a reverse zone created for 192.168.168.x or you do but
    don't have a PTR entry for 192.168.168.187 (the DNS server itself). Just a
    message.... not an error.

    As for the nslookup results, resolution is working and seems you have UDP
    and TCP 53 open and working on both! That was what the 'set vc' switch does,
    it forces TCP since by default nslookup uses UDP.

    So now I'm thinking its an MTU issue. Do you have cable or ADSL?
    Check this MTU test out please:

    http://help.expedient.com/broadband/mtu_ping_test.shtml

    Is there a proxy setting in the browser's options?

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  12. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    We have ADSL.

    Ran the provided test. Although the Win2000 box I was using did not have an
    MTU value in the registry, I added. Per the MTU test, the optimal setting
    would be 1404. NOTE: that this is the setting in our firewall as well (says
    something about "fragment outbound packets larger than 1404")

    The browser does not have an proxy settings in place.

    Tested browser after adding MTU value...still doesn't work. The firewall
    forwards packets to the router, do routers generally provide for an MTU
    setting?

    Thanks!


    "Ace Fekay [MVP]" <firstnamelastname@hotmail.com> wrote in message
    news:%23YqADmLdEHA.596@TK2MSFTNGP11.phx.gbl...
    >
    > "DDJ" <johnson@milehi.com> wrote in message
    > news:OZONc.1421$qo6.1191@news.uswest.net...
    > > Also, FYI...
    > >
    > > I was wondering about the response after entering nslookup, then Enter,
    so
    > I
    > > rebooted the client box and ran the same command again and got the
    > following
    > > response:
    > >
    > > C:\>nslookup
    > > DNS request timed out.
    > > timeout was 2 seconds.
    > > *** Can't find server name for address 192.168.168.187: Timed out
    > > *** Default servers are not available
    > > Default Server: UnKnown
    > > Address: 192.168.168.187
    > >
    > > Since 192.168.168.187 is the DC and DNS Server, I know this means
    > something
    > > is wrong, but not what is wrong. Does this help in your analysis?
    > > (interestingly, when I opened the browser after writing the above, it
    > worked
    > > fine the 1st, 2nd and 3rd time I opened it, but then failed on the 4th
    > try).
    > >
    > > Thanks!
    > >
    >
    > Thanks for posting this information.
    >
    > The time outs or domain not found message with nslookup is just saying you
    > either don't have a reverse zone created for 192.168.168.x or you do but
    > don't have a PTR entry for 192.168.168.187 (the DNS server itself). Just a
    > message.... not an error.
    >
    > As for the nslookup results, resolution is working and seems you have UDP
    > and TCP 53 open and working on both! That was what the 'set vc' switch
    does,
    > it forces TCP since by default nslookup uses UDP.
    >
    > So now I'm thinking its an MTU issue. Do you have cable or ADSL?
    > Check this MTU test out please:
    >
    > http://help.expedient.com/broadband/mtu_ping_test.shtml
    >
    > Is there a proxy setting in the browser's options?
    >
    > --
    > Regards,
    > Ace
    >
    > Please direct all replies ONLY to the Microsoft public newsgroups
    > so all can benefit.
    >
    > This posting is provided "AS-IS" with no warranties or guarantees
    > and confers no rights.
    >
    > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > Microsoft Windows MVP - Windows Server - Directory Services
    >
    > Security Is Like An Onion, It Has Layers
    > HAM AND EGGS: A day's work for a chicken;
    > A lifetime commitment for a pig.
    > --
    > =================================
    >
    >
  13. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    "DDJ" <johnson@milehi.com> wrote in message
    news:DbSNc.25$u77.31198@news.uswest.net...
    > We have ADSL.
    >
    > Ran the provided test. Although the Win2000 box I was using did not have
    an
    > MTU value in the registry, I added. Per the MTU test, the optimal setting
    > would be 1404. NOTE: that this is the setting in our firewall as well
    (says
    > something about "fragment outbound packets larger than 1404")
    >
    > The browser does not have an proxy settings in place.
    >
    > Tested browser after adding MTU value...still doesn't work. The firewall
    > forwards packets to the router, do routers generally provide for an MTU
    > setting?
    >
    > Thanks!

    Actually 1404 is really awfully low. The definition of an MTU is the actual
    TCP packet size. The largest possible TCP packet size is 1500 bytes. ADSL
    using PPPoE lowers the MTU to 1492, using up 8 bytes for the PPPoE overhead.
    So 1492 is the common one I've seen it drop lower, depending on the ADSL
    modem. The router will accomodate the modem. The lower it is, the more
    difficulty there will be with IE and browsing.

    What type of modem do you have?
    What type of router do you have that is connected to the modem?

    I was trying to re-read your previous response, but I apogize that I am
    getting lost in your terminology. Here's what you previously posted:

    ======================
    > Each box is pointed to a firewall as the gateway
    > (192.168.168.1) and to the DC as the DNS Server
    > (192.168.168.187). The DC points to the ISP-provided two
    > DNS servers. The common firewall gateway (192.168.168.1)
    > forwards to the router (192.168.168.2) which forwards to
    > the ISP's router.
    ======================

    Now this part (the paragraph below) is the part I really do not understand
    because of the IP addresses that are mentioned, hence my previous thought
    you were "arping" packets across an OpenBSD bridged firewall, which I know
    not too many people use or know how to setup.
    ....
    > "The common firewall gateway (192.168.168.1)
    > forwards to the router (192.168.168.2) which forwards to
    > the ISP's router."
    ....

    Now, let's break this down. Your 'firewall' is also your router? What brand
    is it?
    That "common firewall gateway (192.168.168.1) you mention, is that the above
    firewall/router? Or are you saing that the firewall gateway and the router
    are two different things? Or is the router actually an ADSL modem?

    From the way you described that, it seems like that the 'common firewall
    gateway with an IP of 192.168.168.1, which is connected to your internal
    subnet, which your internal subnet uses as a gateway, has its other
    interface (which by definition of a 'router') configured wtih an IP on the
    same subnet and is connected to your ISP's router with an IP on the same
    subnet as the internal subnet, but should be a totally different subnet. So
    based on the terminology used, I am completey lost on how this is
    configured.

    Can you break that down for me?
    What name brand router?
    What name brand firewall?
    What name brand modem (if it is)?


    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  14. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    To try and make this easier to read, I have added my responses below...

    "Ace Fekay [MVP]" <firstnamelastname@hotmail.com> wrote in message
    news:uZ516jNdEHA.1356@TK2MSFTNGP09.phx.gbl...
    >
    > "DDJ" <johnson@milehi.com> wrote in message
    > news:DbSNc.25$u77.31198@news.uswest.net...
    > > We have ADSL.
    > >
    > > Ran the provided test. Although the Win2000 box I was using did not
    have
    > an
    > > MTU value in the registry, I added. Per the MTU test, the optimal
    setting
    > > would be 1404. NOTE: that this is the setting in our firewall as well
    > (says
    > > something about "fragment outbound packets larger than 1404")
    > >
    > > The browser does not have an proxy settings in place.
    > >
    > > Tested browser after adding MTU value...still doesn't work. The
    firewall
    > > forwards packets to the router, do routers generally provide for an MTU
    > > setting?
    > >
    > > Thanks!
    >
    > Actually 1404 is really awfully low. The definition of an MTU is the
    actual
    > TCP packet size. The largest possible TCP packet size is 1500 bytes. ADSL
    > using PPPoE lowers the MTU to 1492, using up 8 bytes for the PPPoE
    overhead.
    > So 1492 is the common one I've seen it drop lower, depending on the ADSL
    > modem. The router will accomodate the modem. The lower it is, the more
    > difficulty there will be with IE and browsing.

    I will change this after sending this message to see if it has any impact.
    I remember that we originally changed it to accomodate a request from
    SonicWall when setting up a VPN.

    >
    > What type of modem do you have?
    > What type of router do you have that is connected to the modem?

    We have a SonicWall SoHo 100 firewall (which is the IP = 192.168.168.1) and
    an ActionTec DSL Modem/Router (LAN IP = 192.168.168.2, WAN IP should remain
    private). All packets coming in through the ActionTec are routed to the
    SonicWall. All client boxes point to the SonicWall as the Gateway and to
    the DC (192.168.168.187) as the DNS. Should I not be posting all of this IP
    info here for security reasons??? I have assumed that since they are
    internal addresses, it doesn't matter, but let me know if you think
    otherwise.

    >
    > I was trying to re-read your previous response, but I apogize that I am
    > getting lost in your terminology. Here's what you previously posted:
    >
    > ======================
    > > Each box is pointed to a firewall as the gateway
    > > (192.168.168.1) and to the DC as the DNS Server
    > > (192.168.168.187). The DC points to the ISP-provided two
    > > DNS servers. The common firewall gateway (192.168.168.1)
    > > forwards to the router (192.168.168.2) which forwards to
    > > the ISP's router.
    > ======================
    >
    > Now this part (the paragraph below) is the part I really do not understand
    > because of the IP addresses that are mentioned, hence my previous thought
    > you were "arping" packets across an OpenBSD bridged firewall, which I know
    > not too many people use or know how to setup.
    > ...
    > > "The common firewall gateway (192.168.168.1)
    > > forwards to the router (192.168.168.2) which forwards to
    > > the ISP's router."
    > ...
    >
    > Now, let's break this down. Your 'firewall' is also your router? What
    brand
    > is it?
    > That "common firewall gateway (192.168.168.1) you mention, is that the
    above
    > firewall/router? Or are you saing that the firewall gateway and the router
    > are two different things? Or is the router actually an ADSL modem?

    If I understand how this works correctly, the SonicWall is the router,
    although all the SonicWall does is pass outgoing packets to the ActionTec
    (in addition obviously to handling incoming packets from the ActionTec).

    >
    > From the way you described that, it seems like that the 'common firewall
    > gateway with an IP of 192.168.168.1, which is connected to your internal
    > subnet, which your internal subnet uses as a gateway, has its other
    > interface (which by definition of a 'router') configured wtih an IP on the
    > same subnet and is connected to your ISP's router with an IP on the same
    > subnet as the internal subnet, but should be a totally different subnet.
    So
    > based on the terminology used, I am completey lost on how this is
    > configured.

    I remember when we first set this up last year, I had also thought that we
    needed to set the LAN side IP of the ActionTec to a different subnet than
    the WAN side IP of the SonicWall (hope I said that right!). It was either
    Qwest or SonicWall, however, that said we needed to do it this way. It WAS
    working for some time though, so I am curious why it has gone crazy now.

    Hopefully the above helps you understand. Let me know if not, and thanks
    for your patience!

    >
    > Can you break that down for me?
    > What name brand router?
    > What name brand firewall?
    > What name brand modem (if it is)?
    >
    >
    > --
    > Regards,
    > Ace
    >
    > Please direct all replies ONLY to the Microsoft public newsgroups
    > so all can benefit.
    >
    > This posting is provided "AS-IS" with no warranties or guarantees
    > and confers no rights.
    >
    > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > Microsoft Windows MVP - Windows Server - Directory Services
    >
    > Security Is Like An Onion, It Has Layers
    > HAM AND EGGS: A day's work for a chicken;
    > A lifetime commitment for a pig.
    > --
    > =================================
    >
    >
    >
    >
    >
  15. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    FYI, I changed the MTU to 1492 on both the firewall and the client box...no
    change, browser still fails after a few minutes.

    Dan

    "DDJ" <johnson@milehi.com> wrote in message
    news:lGTNc.32$u77.37507@news.uswest.net...
    > To try and make this easier to read, I have added my responses below...
    >
    > "Ace Fekay [MVP]" <firstnamelastname@hotmail.com> wrote in message
    > news:uZ516jNdEHA.1356@TK2MSFTNGP09.phx.gbl...
    > >
    > > "DDJ" <johnson@milehi.com> wrote in message
    > > news:DbSNc.25$u77.31198@news.uswest.net...
    > > > We have ADSL.
    > > >
    > > > Ran the provided test. Although the Win2000 box I was using did not
    > have
    > > an
    > > > MTU value in the registry, I added. Per the MTU test, the optimal
    > setting
    > > > would be 1404. NOTE: that this is the setting in our firewall as well
    > > (says
    > > > something about "fragment outbound packets larger than 1404")
    > > >
    > > > The browser does not have an proxy settings in place.
    > > >
    > > > Tested browser after adding MTU value...still doesn't work. The
    > firewall
    > > > forwards packets to the router, do routers generally provide for an
    MTU
    > > > setting?
    > > >
    > > > Thanks!
    > >
    > > Actually 1404 is really awfully low. The definition of an MTU is the
    > actual
    > > TCP packet size. The largest possible TCP packet size is 1500 bytes.
    ADSL
    > > using PPPoE lowers the MTU to 1492, using up 8 bytes for the PPPoE
    > overhead.
    > > So 1492 is the common one I've seen it drop lower, depending on the ADSL
    > > modem. The router will accomodate the modem. The lower it is, the more
    > > difficulty there will be with IE and browsing.
    >
    > I will change this after sending this message to see if it has any impact.
    > I remember that we originally changed it to accomodate a request from
    > SonicWall when setting up a VPN.
    >
    > >
    > > What type of modem do you have?
    > > What type of router do you have that is connected to the modem?
    >
    > We have a SonicWall SoHo 100 firewall (which is the IP = 192.168.168.1)
    and
    > an ActionTec DSL Modem/Router (LAN IP = 192.168.168.2, WAN IP should
    remain
    > private). All packets coming in through the ActionTec are routed to the
    > SonicWall. All client boxes point to the SonicWall as the Gateway and to
    > the DC (192.168.168.187) as the DNS. Should I not be posting all of this
    IP
    > info here for security reasons??? I have assumed that since they are
    > internal addresses, it doesn't matter, but let me know if you think
    > otherwise.
    >
    > >
    > > I was trying to re-read your previous response, but I apogize that I am
    > > getting lost in your terminology. Here's what you previously posted:
    > >
    > > ======================
    > > > Each box is pointed to a firewall as the gateway
    > > > (192.168.168.1) and to the DC as the DNS Server
    > > > (192.168.168.187). The DC points to the ISP-provided two
    > > > DNS servers. The common firewall gateway (192.168.168.1)
    > > > forwards to the router (192.168.168.2) which forwards to
    > > > the ISP's router.
    > > ======================
    > >
    > > Now this part (the paragraph below) is the part I really do not
    understand
    > > because of the IP addresses that are mentioned, hence my previous
    thought
    > > you were "arping" packets across an OpenBSD bridged firewall, which I
    know
    > > not too many people use or know how to setup.
    > > ...
    > > > "The common firewall gateway (192.168.168.1)
    > > > forwards to the router (192.168.168.2) which forwards to
    > > > the ISP's router."
    > > ...
    > >
    > > Now, let's break this down. Your 'firewall' is also your router? What
    > brand
    > > is it?
    > > That "common firewall gateway (192.168.168.1) you mention, is that the
    > above
    > > firewall/router? Or are you saing that the firewall gateway and the
    router
    > > are two different things? Or is the router actually an ADSL modem?
    >
    > If I understand how this works correctly, the SonicWall is the router,
    > although all the SonicWall does is pass outgoing packets to the ActionTec
    > (in addition obviously to handling incoming packets from the ActionTec).
    >
    > >
    > > From the way you described that, it seems like that the 'common firewall
    > > gateway with an IP of 192.168.168.1, which is connected to your internal
    > > subnet, which your internal subnet uses as a gateway, has its other
    > > interface (which by definition of a 'router') configured wtih an IP on
    the
    > > same subnet and is connected to your ISP's router with an IP on the same
    > > subnet as the internal subnet, but should be a totally different subnet.
    > So
    > > based on the terminology used, I am completey lost on how this is
    > > configured.
    >
    > I remember when we first set this up last year, I had also thought that we
    > needed to set the LAN side IP of the ActionTec to a different subnet than
    > the WAN side IP of the SonicWall (hope I said that right!). It was either
    > Qwest or SonicWall, however, that said we needed to do it this way. It
    WAS
    > working for some time though, so I am curious why it has gone crazy now.
    >
    > Hopefully the above helps you understand. Let me know if not, and thanks
    > for your patience!
    >
    > >
    > > Can you break that down for me?
    > > What name brand router?
    > > What name brand firewall?
    > > What name brand modem (if it is)?
    > >
    > >
    > > --
    > > Regards,
    > > Ace
    > >
    > > Please direct all replies ONLY to the Microsoft public newsgroups
    > > so all can benefit.
    > >
    > > This posting is provided "AS-IS" with no warranties or guarantees
    > > and confers no rights.
    > >
    > > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > > Microsoft Windows MVP - Windows Server - Directory Services
    > >
    > > Security Is Like An Onion, It Has Layers
    > > HAM AND EGGS: A day's work for a chicken;
    > > A lifetime commitment for a pig.
    > > --
    > > =================================
    > >
    > >
    > >
    > >
    > >
    >
    >
  16. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:DbSNc.25$u77.31198@news.uswest.net,
    DDJ <johnson@milehi.com> posted a question
    Then Kevin replied below:
    > We have ADSL.
    >
    > Ran the provided test. Although the Win2000 box I was
    > using did not have an MTU value in the registry, I added.
    > Per the MTU test, the optimal setting would be 1404.
    > NOTE: that this is the setting in our firewall as well
    > (says something about "fragment outbound packets larger
    > than 1404")
    >
    > The browser does not have an proxy settings in place.
    >
    > Tested browser after adding MTU value...still doesn't
    > work. The firewall forwards packets to the router, do
    > routers generally provide for an MTU setting?

    They way you should really test this is to ping the routers gateway to see
    what the MTU you can send to the gateway and use that setting on the NIC.
    e.g. Pinging 65.65.91.214 with 1468 bytes of data:

    Reply from 65.65.91.214: bytes=1468 time=151ms TTL=64
    Reply from 65.65.91.214: bytes=1468 time=150ms TTL=64
    Reply from 65.65.91.214: bytes=1468 time=150ms TTL=64
    Reply from 65.65.91.214: bytes=1468 time=150ms TTL=64

    Ping statistics for 65.65.91.214:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 150ms, Maximum = 151ms, Average = 150ms

    W:\>ping 65.65.91.214 -f -l 1469

    Pinging 65.65.91.214 with 1469 bytes of data:

    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.

    Ping statistics for 65.65.91.214:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

    W:\>ping 65.65.91.214 -f -l 1473

    Pinging 65.65.91.214 with 1473 bytes of data:

    Packet needs to be fragmented but DF set.
    Packet needs to be fragmented but DF set.
    Packet needs to be fragmented but DF set.
    Packet needs to be fragmented but DF set.

    Ping statistics for 65.65.91.214:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

    What this means is that somewhere between this machine which was 1500, and
    my router's gateway the MTU is 1468 because 1469 times out and the NIC
    fragments 1473. So I set this machine to 1468 + 28 bytes overhead = 1496.
    If the router is set to 1404 + 28= 1432 is the MTU you machine needs to be
    to get past the router. You just set your machine to the highest number that
    does not time out.

    The way to figure your MTU is to start with a number ping the routers
    gateway until you find a packet size that does not time out, add 28 and set
    your MTU to that number.


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ============================
    --
    When responding to posts, please "Reply to Group" via your
    newsreader so that others may learn and benefit from your
    issue. To respond directly to me remove the nospam. from my
    email. ==========================================
    http://www.lonestaramerica.com/
    ==========================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ==========================================
    Keep a back up of your OE settings and folders with
    OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ==========================================
  17. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    Set the client box MTU to 1492 and the firewall's MTU to 1492.

    Here's what I get when I run the ping you describe:

    C:\>ping 63.228.79.254 -f -l 1464

    Pinging 63.228.79.254 with 1464 bytes of data:

    Reply from 63.228.79.254: bytes=1464 time=141ms TTL=2
    Reply from 63.228.79.254: bytes=1464 time=130ms TTL=2
    Reply from 63.228.79.254: bytes=1464 time=131ms TTL=2
    Reply from 63.228.79.254: bytes=1464 time=130ms TTL=2

    Ping statistics for 63.228.79.254:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% los
    Approximate round trip times in milli-seconds:
    Minimum = 130ms, Maximum = 141ms, Average = 133

    C:\>ping 63.228.79.254 -f -l 1465

    Pinging 63.228.79.254 with 1465 bytes of data:

    Packet needs to be fragmented but DF set.
    Packet needs to be fragmented but DF set.
    Packet needs to be fragmented but DF set.
    Packet needs to be fragmented but DF set.

    Ping statistics for 63.228.79.254:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% l
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms


    I selected the 63.228.79.254 address to use because it was the second IP
    listed when doing a tracerroute for www.yahoo.com. The first address listed
    is our ActionTec modem (192.168.168.2), but I figured that was not the IP
    you wanted me to use, correct? I assume the 63.228.79.254 address is the
    address set to receive all packets coming from our network. The results are
    the same if if use the 192.168.168.2 address. (Browser still fails).


    "Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
    news:%23sGsWjOdEHA.3392@tk2msftngp13.phx.gbl...
    > In news:DbSNc.25$u77.31198@news.uswest.net,
    > DDJ <johnson@milehi.com> posted a question
    > Then Kevin replied below:
    > > We have ADSL.
    > >
    > > Ran the provided test. Although the Win2000 box I was
    > > using did not have an MTU value in the registry, I added.
    > > Per the MTU test, the optimal setting would be 1404.
    > > NOTE: that this is the setting in our firewall as well
    > > (says something about "fragment outbound packets larger
    > > than 1404")
    > >
    > > The browser does not have an proxy settings in place.
    > >
    > > Tested browser after adding MTU value...still doesn't
    > > work. The firewall forwards packets to the router, do
    > > routers generally provide for an MTU setting?
    >
    > They way you should really test this is to ping the routers gateway to see
    > what the MTU you can send to the gateway and use that setting on the NIC.
    > e.g. Pinging 65.65.91.214 with 1468 bytes of data:
    >
    > Reply from 65.65.91.214: bytes=1468 time=151ms TTL=64
    > Reply from 65.65.91.214: bytes=1468 time=150ms TTL=64
    > Reply from 65.65.91.214: bytes=1468 time=150ms TTL=64
    > Reply from 65.65.91.214: bytes=1468 time=150ms TTL=64
    >
    > Ping statistics for 65.65.91.214:
    > Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    > Approximate round trip times in milli-seconds:
    > Minimum = 150ms, Maximum = 151ms, Average = 150ms
    >
    > W:\>ping 65.65.91.214 -f -l 1469
    >
    > Pinging 65.65.91.214 with 1469 bytes of data:
    >
    > Request timed out.
    > Request timed out.
    > Request timed out.
    > Request timed out.
    >
    > Ping statistics for 65.65.91.214:
    > Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
    > Approximate round trip times in milli-seconds:
    > Minimum = 0ms, Maximum = 0ms, Average = 0ms
    >
    > W:\>ping 65.65.91.214 -f -l 1473
    >
    > Pinging 65.65.91.214 with 1473 bytes of data:
    >
    > Packet needs to be fragmented but DF set.
    > Packet needs to be fragmented but DF set.
    > Packet needs to be fragmented but DF set.
    > Packet needs to be fragmented but DF set.
    >
    > Ping statistics for 65.65.91.214:
    > Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
    > Approximate round trip times in milli-seconds:
    > Minimum = 0ms, Maximum = 0ms, Average = 0ms
    >
    > What this means is that somewhere between this machine which was 1500,
    and
    > my router's gateway the MTU is 1468 because 1469 times out and the NIC
    > fragments 1473. So I set this machine to 1468 + 28 bytes overhead = 1496.
    > If the router is set to 1404 + 28= 1432 is the MTU you machine needs to be
    > to get past the router. You just set your machine to the highest number
    that
    > does not time out.
    >
    > The way to figure your MTU is to start with a number ping the routers
    > gateway until you find a packet size that does not time out, add 28 and
    set
    > your MTU to that number.
    >
    >
    > --
    > Best regards,
    > Kevin D4 Dad Goodknecht Sr. [MVP]
    > Hope This Helps
    > ============================
    > --
    > When responding to posts, please "Reply to Group" via your
    > newsreader so that others may learn and benefit from your
    > issue. To respond directly to me remove the nospam. from my
    > email. ==========================================
    > http://www.lonestaramerica.com/
    > ==========================================
    > Use Outlook Express?... Get OE_Quotefix:
    > It will strip signature out and more
    > http://home.in.tum.de/~jain/software/oe-quotefix/
    > ==========================================
    > Keep a back up of your OE settings and folders with
    > OEBackup:
    > http://www.oehelp.com/OEBackup/Default.aspx
    > ==========================================
    >
    >
  18. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:%23sGsWjOdEHA.3392@tk2msftngp13.phx.gbl,
    Kevin D. Goodknecht Sr. [MVP] <admin@nospam.WFTX.US> posted a question
    Then Kevin replied below:
    > The way to figure your MTU is to start with a number ping
    > the routers gateway until you find a packet size that
    > does not time out, add 28 and set your MTU to that number.

    In addition the new MTU setting requires a reboot, after which I got this:
    W:\>ping 65.65.91.214 -f -l 1468

    Pinging 65.65.91.214 with 1468 bytes of data:

    Reply from 65.65.91.214: bytes=1468 time=150ms TTL=64
    Reply from 65.65.91.214: bytes=1468 time=150ms TTL=64
    Reply from 65.65.91.214: bytes=1468 time=150ms TTL=64
    Reply from 65.65.91.214: bytes=1468 time=151ms TTL=64

    Ping statistics for 65.65.91.214:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 150ms, Maximum = 151ms, Average = 150ms

    W:\>ping 65.65.91.214 -f -l 1469

    Pinging 65.65.91.214 with 1469 bytes of data:

    Packet needs to be fragmented but DF set.
    Packet needs to be fragmented but DF set.
    Packet needs to be fragmented but DF set.
    Packet needs to be fragmented but DF set.

    Ping statistics for 65.65.91.214:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ============================
    --
    When responding to posts, please "Reply to Group" via your
    newsreader so that others may learn and benefit from your
    issue. To respond directly to me remove the nospam. from my
    email. ==========================================
    http://www.lonestaramerica.com/
    ==========================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ==========================================
    Keep a back up of your OE settings and folders with
    OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ==========================================
  19. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:awVNc.50$2T3.89703@news.uswest.net,
    DDJ <johnson@milehi.com> posted a question
    Then Kevin replied below:
    > I selected the 63.228.79.254 address to use because it
    > was the second IP listed when doing a tracerroute for
    > www.yahoo.com. The first address listed is our ActionTec
    > modem (192.168.168.2), but I figured that was not the IP
    > you wanted me to use, correct? I assume the
    > 63.228.79.254 address is the address set to receive all
    > packets coming from our network. The results are the
    > same if if use the 192.168.168.2 address. (Browser still
    > fails).

    Browser fails, OK so lets go from there, does nslookup resolve the website
    to an IP address?


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ============================
    --
    When responding to posts, please "Reply to Group" via your
    newsreader so that others may learn and benefit from your
    issue. To respond directly to me remove the nospam. from my
    email. ==========================================
    http://www.lonestaramerica.com/
    ==========================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ==========================================
    Keep a back up of your OE settings and folders with
    OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ==========================================
  20. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    See previous parts of this thread. Resolution is not a problem. With that
    in mind, Ace thought it might have something to do with the MTU settings,
    but I'm not sure that is still on the table.

    This question may sound naive, but is there any software out there that will
    tell you what IE is doing when processing user selections for a site? It's
    pretty crazy, from my perspective, that pinging, tracing, etc. all seem to
    work fine, but IE has a problem. Also, after a reboot, it only seems to
    have this problem for a few minutes, then fails. Even after IE fails, all
    other processes keep right on working (including logging on to this
    newsgroup which may not be important because resolution is not required???).

    Thanks!

    Dan

    "Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
    news:eEMu$KQdEHA.3704@TK2MSFTNGP09.phx.gbl...
    > In news:awVNc.50$2T3.89703@news.uswest.net,
    > DDJ <johnson@milehi.com> posted a question
    > Then Kevin replied below:
    > > I selected the 63.228.79.254 address to use because it
    > > was the second IP listed when doing a tracerroute for
    > > www.yahoo.com. The first address listed is our ActionTec
    > > modem (192.168.168.2), but I figured that was not the IP
    > > you wanted me to use, correct? I assume the
    > > 63.228.79.254 address is the address set to receive all
    > > packets coming from our network. The results are the
    > > same if if use the 192.168.168.2 address. (Browser still
    > > fails).
    >
    > Browser fails, OK so lets go from there, does nslookup resolve the website
    > to an IP address?
    >
    >
    > --
    > Best regards,
    > Kevin D4 Dad Goodknecht Sr. [MVP]
    > Hope This Helps
    > ============================
    > --
    > When responding to posts, please "Reply to Group" via your
    > newsreader so that others may learn and benefit from your
    > issue. To respond directly to me remove the nospam. from my
    > email. ==========================================
    > http://www.lonestaramerica.com/
    > ==========================================
    > Use Outlook Express?... Get OE_Quotefix:
    > It will strip signature out and more
    > http://home.in.tum.de/~jain/software/oe-quotefix/
    > ==========================================
    > Keep a back up of your OE settings and folders with
    > OEBackup:
    > http://www.oehelp.com/OEBackup/Default.aspx
    > ==========================================
    >
    >
  21. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:lGTNc.32$u77.37507@news.uswest.net,
    DDJ <johnson@milehi.com> asked for help and I offered my suggestions below:
    <snip>

    > I remember when we first set this up last year, I had also thought
    > that we needed to set the LAN side IP of the ActionTec to a different
    > subnet than the WAN side IP of the SonicWall (hope I said that
    > right!). It was either Qwest or SonicWall, however, that said we
    > needed to do it this way. It WAS working for some time though, so I
    > am curious why it has gone crazy now.
    >
    > Hopefully the above helps you understand. Let me know if not, and
    > thanks for your patience!
    >

    I see, so the Sonicwall has three interfaces, that makes sense. Now I
    understand what's going on. THanks

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  22. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    When you say three interfaces, I don't understand. I'm thinking the LAN
    side and the WAN side. What is the third?

    Thanks,

    Dan

    "Ace Fekay [MVP]"
    <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
    message news:es8UfvQdEHA.1152@TK2MSFTNGP09.phx.gbl...
    > In news:lGTNc.32$u77.37507@news.uswest.net,
    > DDJ <johnson@milehi.com> asked for help and I offered my suggestions
    below:
    > <snip>
    >
    > > I remember when we first set this up last year, I had also thought
    > > that we needed to set the LAN side IP of the ActionTec to a different
    > > subnet than the WAN side IP of the SonicWall (hope I said that
    > > right!). It was either Qwest or SonicWall, however, that said we
    > > needed to do it this way. It WAS working for some time though, so I
    > > am curious why it has gone crazy now.
    > >
    > > Hopefully the above helps you understand. Let me know if not, and
    > > thanks for your patience!
    > >
    >
    > I see, so the Sonicwall has three interfaces, that makes sense. Now I
    > understand what's going on. THanks
    >
    > --
    > Regards,
    > Ace
    >
    > Please direct all replies ONLY to the Microsoft public newsgroups
    > so all can benefit.
    >
    > This posting is provided "AS-IS" with no warranties or guarantees
    > and confers no rights.
    >
    > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > Microsoft Windows MVP - Windows Server - Directory Services
    >
    > Security Is Like An Onion, It Has Layers
    > HAM AND EGGS: A day's work for a chicken;
    > A lifetime commitment for a pig.
    > --
    > =================================
    >
    >
  23. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:MYXNc.80$2T3.116099@news.uswest.net,
    DDJ <johnson@milehi.com> asked for help and I offered my suggestions below:
    > See previous parts of this thread. Resolution is not a problem.
    > With that in mind, Ace thought it might have something to do with the
    > MTU settings, but I'm not sure that is still on the table.
    >
    > This question may sound naive, but is there any software out there
    > that will tell you what IE is doing when processing user selections
    > for a site? It's pretty crazy, from my perspective, that pinging,
    > tracing, etc. all seem to work fine, but IE has a problem. Also,
    > after a reboot, it only seems to have this problem for a few minutes,
    > then fails. Even after IE fails, all other processes keep right on
    > working (including logging on to this newsgroup which may not be
    > important because resolution is not required???).
    >
    > Thanks!
    >

    Connecting to this newsgroup does require resolution. No way around that,
    after all, since you are using Outlook Express, you supplied
    news.microsoft.com for the news server here, correct?

    As for the MTU, I would have probably chosen 1460 (seen this work many
    times before) to try for the MTU. Restart the system after you set it, as
    Kevin said. Also, I would try to eliminate the MTU setting all together in
    the Sonicwall, if you can. Have you called Sonicwall about this issue?

    So if it's not the MTU, then its definitley a browers issue. So far we've
    established that resolution works, and pings and tracerts work. So that's
    half of the puzzle, the other half is once IE gets the name resolved, it
    connects!

    Gots to ask... any viruses, adware, trojans, BHOs, etc etc? Have you tested
    for that stuff?


    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  24. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    Will change MTU to 1460 on local box and also try to eliminate at firewall
    level...will report results back here.

    One of the first things I did was to run virus checks on all boxes. Nothing
    found.

    Dan

    "Ace Fekay [MVP]"
    <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
    message news:OgQbW1QdEHA.3732@TK2MSFTNGP11.phx.gbl...
    > In news:MYXNc.80$2T3.116099@news.uswest.net,
    > DDJ <johnson@milehi.com> asked for help and I offered my suggestions
    below:
    > > See previous parts of this thread. Resolution is not a problem.
    > > With that in mind, Ace thought it might have something to do with the
    > > MTU settings, but I'm not sure that is still on the table.
    > >
    > > This question may sound naive, but is there any software out there
    > > that will tell you what IE is doing when processing user selections
    > > for a site? It's pretty crazy, from my perspective, that pinging,
    > > tracing, etc. all seem to work fine, but IE has a problem. Also,
    > > after a reboot, it only seems to have this problem for a few minutes,
    > > then fails. Even after IE fails, all other processes keep right on
    > > working (including logging on to this newsgroup which may not be
    > > important because resolution is not required???).
    > >
    > > Thanks!
    > >
    >
    > Connecting to this newsgroup does require resolution. No way around that,
    > after all, since you are using Outlook Express, you supplied
    > news.microsoft.com for the news server here, correct?
    >
    > As for the MTU, I would have probably chosen 1460 (seen this work many
    > times before) to try for the MTU. Restart the system after you set it, as
    > Kevin said. Also, I would try to eliminate the MTU setting all together in
    > the Sonicwall, if you can. Have you called Sonicwall about this issue?
    >
    > So if it's not the MTU, then its definitley a browers issue. So far we've
    > established that resolution works, and pings and tracerts work. So that's
    > half of the puzzle, the other half is once IE gets the name resolved, it
    > connects!
    >
    > Gots to ask... any viruses, adware, trojans, BHOs, etc etc? Have you
    tested
    > for that stuff?
    >
    >
    > --
    > Regards,
    > Ace
    >
    > Please direct all replies ONLY to the Microsoft public newsgroups
    > so all can benefit.
    >
    > This posting is provided "AS-IS" with no warranties or guarantees
    > and confers no rights.
    >
    > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > Microsoft Windows MVP - Windows Server - Directory Services
    >
    > Security Is Like An Onion, It Has Layers
    > HAM AND EGGS: A day's work for a chicken;
    > A lifetime commitment for a pig.
    > --
    > =================================
    >
    >
    >
  25. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    Do you mean set MTU to 1460, or 1488 (1460+28)?

    "Ace Fekay [MVP]"
    <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
    message news:OgQbW1QdEHA.3732@TK2MSFTNGP11.phx.gbl...
    > In news:MYXNc.80$2T3.116099@news.uswest.net,
    > DDJ <johnson@milehi.com> asked for help and I offered my suggestions
    below:
    > > See previous parts of this thread. Resolution is not a problem.
    > > With that in mind, Ace thought it might have something to do with the
    > > MTU settings, but I'm not sure that is still on the table.
    > >
    > > This question may sound naive, but is there any software out there
    > > that will tell you what IE is doing when processing user selections
    > > for a site? It's pretty crazy, from my perspective, that pinging,
    > > tracing, etc. all seem to work fine, but IE has a problem. Also,
    > > after a reboot, it only seems to have this problem for a few minutes,
    > > then fails. Even after IE fails, all other processes keep right on
    > > working (including logging on to this newsgroup which may not be
    > > important because resolution is not required???).
    > >
    > > Thanks!
    > >
    >
    > Connecting to this newsgroup does require resolution. No way around that,
    > after all, since you are using Outlook Express, you supplied
    > news.microsoft.com for the news server here, correct?
    >
    > As for the MTU, I would have probably chosen 1460 (seen this work many
    > times before) to try for the MTU. Restart the system after you set it, as
    > Kevin said. Also, I would try to eliminate the MTU setting all together in
    > the Sonicwall, if you can. Have you called Sonicwall about this issue?
    >
    > So if it's not the MTU, then its definitley a browers issue. So far we've
    > established that resolution works, and pings and tracerts work. So that's
    > half of the puzzle, the other half is once IE gets the name resolved, it
    > connects!
    >
    > Gots to ask... any viruses, adware, trojans, BHOs, etc etc? Have you
    tested
    > for that stuff?
    >
    >
    > --
    > Regards,
    > Ace
    >
    > Please direct all replies ONLY to the Microsoft public newsgroups
    > so all can benefit.
    >
    > This posting is provided "AS-IS" with no warranties or guarantees
    > and confers no rights.
    >
    > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > Microsoft Windows MVP - Windows Server - Directory Services
    >
    > Security Is Like An Onion, It Has Layers
    > HAM AND EGGS: A day's work for a chicken;
    > A lifetime commitment for a pig.
    > --
    > =================================
    >
    >
    >
  26. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:ABYNc.97$2T3.122662@news.uswest.net,
    DDJ <johnson@milehi.com> asked for help and I offered my suggestions below:
    > When you say three interfaces, I don't understand. I'm thinking the
    > LAN side and the WAN side. What is the third?
    >
    > Thanks,
    >
    > Dan
    >
    DMZ?

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  27. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:X2_Nc.1472$qo6.8001@news.uswest.net,
    DDJ <johnson@milehi.com> posted a question
    Then Kevin replied below:
    > Will change MTU to 1460 on local box and also try to
    > eliminate at firewall level...will report results back
    > here.
    >
    > One of the first things I did was to run virus checks on
    > all boxes. Nothing found.

    I think you've ruled out the MTU issue, since you can ping your ISP with an
    MTU of 1464. The best your going to get is 1472.
    Have you turned off "Show friendly HTTP errors" if not do that (Advanced tab
    of internet properties) and post the exact error in IE.


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ============================
    --
    When responding to posts, please "Reply to Group" via your
    newsreader so that others may learn and benefit from your
    issue. To respond directly to me remove the nospam. from my
    email. ==========================================
    http://www.lonestaramerica.com/
    ==========================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ==========================================
    Keep a back up of your OE settings and folders with
    OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ==========================================
  28. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    I may have discovered the cause of the error (see "duplicate names problem"
    below), but first I turned off "Show Friendly HTTP Errors", tried again,
    and here is the message received:

    The page cannot be displayed
    The page you are looking for is currently unavailable. The Web site
    might be experiencing technical difficulties, or you may need to adjust your
    browser settings.

    --------------------------------------------------------------------------

    Please try the following:

    a.. Click the Refresh button, or try again later.

    b.. If you typed the page address in the Address bar, make sure that
    it is spelled correctly.

    c.. To check your connection settings, click the Tools menu, and
    then click Internet Options. On the Connections tab, click Settings. The
    settings should match those provided by your local area network (LAN)
    administrator or Internet service provider (ISP).
    d.. If your Network Administrator has enabled it, Microsoft Windows
    can examine your network and automatically discover network connection
    settings.
    If you would like Windows to try and discover them,
    click Detect Network Settings
    e.. Some sites require 128-bit connection security. Click the Help
    menu and then click About Internet Explorer to determine what strength
    security you have installed.
    f.. If you are trying to reach a secure site, make sure your
    Security settings can support it. Click the Tools menu, and then click
    Internet Options. On the Advanced tab, scroll to the Security section and
    check settings for SSL 2.0, SSL 3.0, TLS 1.0, PCT 1.0.
    g.. Click the Back button to try another link.


    Cannot find server or DNS Error
    Internet Explorer

    Also, I checked the system log and see an EventID 4319 with the following
    message:

    A duplicate name has been detected on the TCP network. The IP address of the
    machine that sent the message is in the data. Use nbtstat -n in a command
    window to see which name is in the Conflict state.

    When I do an nbtstat -n I get the following:

    C:\>nbtstat -n

    Local Area Connection:
    Node IpAddress: [192.168.168.100] Scope Id: []

    NetBIOS Local Name Table

    Name Type Status
    ---------------------------------------------
    PC1 <00> UNIQUE Registered
    OURDOMAIN <00> GROUP Registered
    PC1 <03> UNIQUE Registered
    PC1$ <03> UNIQUE Registered
    PC1 <20> UNIQUE Registered
    OURDOMAIN <1E> GROUP Registered
    USER1 <03> UNIQUE Registered

    In reading an MS KB on this, I see a number of troubleshooting tips, as
    follows:
    a.. There is a computer on the network with the same name.
    After converting the hexadecimal numbers in the Event Viewer
    message, it looks like it's the DC (192.168.168.187) sending the message
    regarding the duplicate name. But the DC has a different name???
    a.. An identical user name is logged on to multiple computers.
    Have shutdown all machines on network, except the DC and a SQL
    Server machine (which has another user logged on)...same problem.
    a.. There are inactive or duplicate names in the Windows Internet Naming
    Service (WINS) database.
    We're not using WINS.
    a.. There is corruption in the Dynamic Host Configuration Protocol (DHCP)
    database.
    We're not using DHCP.
    a.. There are conflicting network adapters in a multihomed computer.
    There are no multihomed machines.
    a.. The ipconfig /all command returns an incorrect host name.
    This returns the correct host name.

    The KB articles I'm reading suggest I should be seeing something about a
    "conflict" state when doing an ipconfig /all, but I'm not seeing it
    anywhere. Is there another way to identify where the conflict is?

    Thanks!

    Dan

    "Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
    news:%23$VWgbSdEHA.3212@TK2MSFTNGP12.phx.gbl...
    > In news:X2_Nc.1472$qo6.8001@news.uswest.net,
    > DDJ <johnson@milehi.com> posted a question
    > Then Kevin replied below:
    > > Will change MTU to 1460 on local box and also try to
    > > eliminate at firewall level...will report results back
    > > here.
    > >
    > > One of the first things I did was to run virus checks on
    > > all boxes. Nothing found.
    >
    > I think you've ruled out the MTU issue, since you can ping your ISP with
    an
    > MTU of 1464. The best your going to get is 1472.
    > Have you turned off "Show friendly HTTP errors" if not do that (Advanced
    tab
    > of internet properties) and post the exact error in IE.
    >
    >
    >
    > --
    > Best regards,
    > Kevin D4 Dad Goodknecht Sr. [MVP]
    > Hope This Helps
    > ============================
    > --
    > When responding to posts, please "Reply to Group" via your
    > newsreader so that others may learn and benefit from your
    > issue. To respond directly to me remove the nospam. from my
    > email. ==========================================
    > http://www.lonestaramerica.com/
    > ==========================================
    > Use Outlook Express?... Get OE_Quotefix:
    > It will strip signature out and more
    > http://home.in.tum.de/~jain/software/oe-quotefix/
    > ==========================================
    > Keep a back up of your OE settings and folders with
    > OEBackup:
    > http://www.oehelp.com/OEBackup/Default.aspx
    > ==========================================
    >
    >
    >
  29. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:Nk7Oc.471$iY6.1019@news.uswest.net,
    DDJ <johnson@milehi.com> posted a question
    Then Kevin replied below:
    > I may have discovered the cause of the error (see
    > "duplicate names problem" below), but first I turned off
    > "Show Friendly HTTP Errors", tried again, and here is the
    > message received:
    >
    > The page cannot be displayed
    > The page you are looking for is currently
    > unavailable. The Web site might be experiencing technical
    > difficulties, or you may need to adjust your browser
    > settings.

    > Cannot find server or DNS Error
    > Internet Explorer
    >

    This is a general error that means that IE is unable to connect to the
    website on the IP address it was given.
    This can be caused by a multitude of problems, but DNS is returing an IP
    address.

    If DNS was unable to resolve the name to an IP address you would receive
    this error in your Browser:
    Client error

    Host name lookup for 'www.example.com' failed

    So we know IE is getting an IP from DNS for the name, BTW what was the
    website name?

    I suppose the next step is to see what the MTU you can ping that site with
    using the same command your used to ping your internet gateway.

    ping www.example.com -f -l 1464

    Some websites are not pingable so you'll have to use a pingable site. Here
    is an example of pinging www.yahoo.com:
    W:\>ping www.yahoo.com -f -l 1464

    Pinging www.yahoo.akadns.net [216.109.117.106] with 1464 bytes of data:

    Reply from 216.109.117.106: bytes=1464 time=190ms TTL=52
    Reply from 216.109.117.106: bytes=1464 time=190ms TTL=52
    Reply from 216.109.117.106: bytes=1464 time=190ms TTL=52
    Reply from 216.109.117.106: bytes=1464 time=200ms TTL=52

    Ping statistics for 216.109.117.106:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 190ms, Maximum = 200ms, Average = 192ms

    ****************************************************************

    > Also, I checked the system log and see an EventID 4319
    > with the following message:
    >
    > A duplicate name has been detected on the TCP network.
    > The IP address of the machine that sent the message is in
    > the data. Use nbtstat -n in a command window to see which
    > name is in the Conflict state.
    >

    Does this server have RRAS and is it configured for incoming connections?
    292822 - Name resolution and connectivity issues on a Routing and Remote
    Access Server that also runs DNS or WINS:
    http://support.microsoft.com/default.aspx?scid=kb;en-us;Q292822

    This can also cause DNS problems if you have the DNS proxy enabled in RRAS.

    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ============================
    --
    When responding to posts, please "Reply to Group" via your
    newsreader so that others may learn and benefit from your
    issue. To respond directly to me remove the nospam. from my
    email. ==========================================
    http://www.lonestaramerica.com/
    ==========================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ==========================================
    Keep a back up of your OE settings and folders with
    OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ==========================================
  30. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:H5_Nc.526$u77.62296@news.uswest.net,
    DDJ <johnson@milehi.com> asked for help and I offered my suggestions below:
    > Do you mean set MTU to 1460, or 1488 (1460+28)?

    Try setting it to 1460.

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  31. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    I've been on the phone with MS Support most of the day and we got the
    problem fixed. Although I am embarrased by what the problem turned out to
    be, I wanted to make sure I thanked both Ace and Kevin, and let the group
    know what the problem was.

    About three weeks ago, we uninstalled Zone Alarm from some of our boxes. As
    it turns out, the Zone Alarm uninstall doesn't work very well. As a matter
    of fact, it didn't seem to uninstall much at all, particularly some dll's
    and one .sys file in the System32 directory. Once these files were removed,
    the problem was solved. These were not files that showed up in "Services"
    or any other place we initially looked to see what might be the problem...it
    essentially required going through the System32 directory, one file at a
    time, and determining what the purpose of each dll/sys file was for.

    So anyway, please accept my thanks for your help. I really appreciate the
    time you took in trying to resolve this issue.

    Dan Johnson


    "Ace Fekay [MVP]"
    <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
    message news:#X5dPTcdEHA.3560@TK2MSFTNGP10.phx.gbl...
    > In news:H5_Nc.526$u77.62296@news.uswest.net,
    > DDJ <johnson@milehi.com> asked for help and I offered my suggestions
    below:
    > > Do you mean set MTU to 1460, or 1488 (1460+28)?
    >
    > Try setting it to 1460.
    >
    > --
    > Regards,
    > Ace
    >
    > Please direct all replies ONLY to the Microsoft public newsgroups
    > so all can benefit.
    >
    > This posting is provided "AS-IS" with no warranties or guarantees
    > and confers no rights.
    >
    > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > Microsoft Windows MVP - Windows Server - Directory Services
    >
    > Security Is Like An Onion, It Has Layers
    > HAM AND EGGS: A day's work for a chicken;
    > A lifetime commitment for a pig.
    > --
    > =================================
    >
    >
  32. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:73gOc.71$7g7.39019@news.uswest.net,
    DDJ <johnson@nospammilehi.com> posted a question
    Then Kevin replied below:
    > I've been on the phone with MS Support most of the day
    > and we got the problem fixed. Although I am embarrased
    > by what the problem turned out to be, I wanted to make
    > sure I thanked both Ace and Kevin, and let the group know
    > what the problem was.
    Most of the day? Ouch!
    I guess it would have been a lot easier to just disable zone alarm instead
    of uninstalling it!
    I didn't think to ask if there was any software changes, if a case like this
    comes up again. I'll know to ask.

    It's just too bad we were unable to narrow it down for you. I hope you have
    a good day tomorrow, you'll probably sleep better tonight without this
    eating at you.


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ============================
    --
    When responding to posts, please "Reply to Group" via your
    newsreader so that others may learn and benefit from your
    issue. To respond directly to me remove the nospam. from my
    email. ==========================================
    http://www.lonestaramerica.com/
    ==========================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ==========================================
    Keep a back up of your OE settings and folders with
    OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ==========================================
  33. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:73gOc.71$7g7.39019@news.uswest.net,
    DDJ <johnson@milehi.com> asked for help and I offered my suggestions below:
    > I've been on the phone with MS Support most of the day and we got the
    > problem fixed. Although I am embarrased by what the problem turned
    > out to be, I wanted to make sure I thanked both Ace and Kevin, and
    > let the group know what the problem was.
    >
    > About three weeks ago, we uninstalled Zone Alarm from some of our
    > boxes. As it turns out, the Zone Alarm uninstall doesn't work very
    > well. As a matter of fact, it didn't seem to uninstall much at all,
    > particularly some dll's and one .sys file in the System32 directory.
    > Once these files were removed, the problem was solved. These were
    > not files that showed up in "Services" or any other place we
    > initially looked to see what might be the problem...it essentially
    > required going through the System32 directory, one file at a time,
    > and determining what the purpose of each dll/sys file was for.
    >
    > So anyway, please accept my thanks for your help. I really
    > appreciate the time you took in trying to resolve this issue.
    >
    > Dan Johnson
    >
    >

    Congrats on finding it! All day with PSS? WOW!

    Don't be embarassed. It wasn't your fault if Zone Alarm didn't uninstall
    correctly. That is Zone Alarm's fault!

    I agree with Kevin, never thought to ask about a personal firewall. Can you
    do us a favor and let us know exactly what DLLs and sys files that you had
    to remove that weren't removed? It will help us in the future!

    Thanks, appreciate it.


    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  34. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    I've been on the phone with MS Support most of the day and we got the
    problem fixed. Although I am embarrased by what the problem turned out to
    be, I wanted to make sure I thanked both Ace and Kevin, and let the group
    know what the problem was.

    About three weeks ago, we uninstalled Zone Alarm from some of our boxes. As
    it turns out, the Zone Alarm uninstall doesn't work very well. As a matter
    of fact, it didn't seem to uninstall much at all, particularly some dll's
    and one .sys file in the System32 directory. Once these files were removed,
    the problem was solved. These were not files that showed up in "Services"
    or any other place we initially looked to see what might be the problem...it
    essentially required going through the System32 directory, one file at a
    time, and determining what the purpose of each dll/sys file was for.

    So anyway, please accept my thanks for your help. I really appreciate the
    time you took in trying to resolve this issue.

    Dan Johnson

    "Ace Fekay [MVP]"
    <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
    message news:#X5dPTcdEHA.3560@TK2MSFTNGP10.phx.gbl...
    > In news:H5_Nc.526$u77.62296@news.uswest.net,
    > DDJ <johnson@milehi.com> asked for help and I offered my suggestions
    below:
    > > Do you mean set MTU to 1460, or 1488 (1460+28)?
    >
    > Try setting it to 1460.
    >
    > --
    > Regards,
    > Ace
    >
    > Please direct all replies ONLY to the Microsoft public newsgroups
    > so all can benefit.
    >
    > This posting is provided "AS-IS" with no warranties or guarantees
    > and confers no rights.
    >
    > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > Microsoft Windows MVP - Windows Server - Directory Services
    >
    > Security Is Like An Onion, It Has Layers
    > HAM AND EGGS: A day's work for a chicken;
    > A lifetime commitment for a pig.
    > --
    > =================================
    >
    >
  35. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    In news:U6zOc.498$Qc.5919@news.uswest.net,
    DDJ <johnson@milehi.com> asked for help and I offered my suggestions below:
    > I've been on the phone with MS Support most of the day and we got the
    > problem fixed. Although I am embarrased by what the problem turned
    > out to be, I wanted to make sure I thanked both Ace and Kevin, and
    > let the group know what the problem was.
    >
    > About three weeks ago, we uninstalled Zone Alarm from some of our
    > boxes. As it turns out, the Zone Alarm uninstall doesn't work very
    > well. As a matter of fact, it didn't seem to uninstall much at all,
    > particularly some dll's and one .sys file in the System32 directory.
    > Once these files were removed, the problem was solved. These were
    > not files that showed up in "Services" or any other place we
    > initially looked to see what might be the problem...it essentially
    > required going through the System32 directory, one file at a time,
    > and determining what the purpose of each dll/sys file was for.
    >
    > So anyway, please accept my thanks for your help. I really
    > appreciate the time you took in trying to resolve this issue.
    >
    > Dan Johnson

    Dan, can you let us know what exact files you and PSS found that were
    causing this?

    Thanks!


    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  36. Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (More info?)

    Ace,

    I found the following Zone Alarm files in the System32 directory:

    vsdata.dll
    vsdatant.sys
    vsmonapi.dll
    vsutil.dll

    Was able to delete the three dll's without a problem (although I noticed
    after doing so that the 5 minute "window" I always had for using IE after a
    reboot went away...which was kind of our biggest clue actually).

    The sys file, on the other hand, was (pardon my french) the file from Hell.
    Took forever, but we finally found a way to kill it (by changing permissions
    on file, then rebooting in safe mode with networking and deleting the file).
    Problem solved. However, I'm still kicking myself because (particularly
    since our boxes here are development machines), I would have liked to figure
    out what was loading the vsdatant.sys to begin with...I assume that whatever
    that process is, is still lurking somewhere.

    Let me know if you need any more info. Again, Thanks!

    Dan


    "Ace Fekay [MVP]"
    <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
    message news:OXveYRpdEHA.2520@TK2MSFTNGP12.phx.gbl...
    > In news:U6zOc.498$Qc.5919@news.uswest.net,
    > DDJ <johnson@milehi.com> asked for help and I offered my suggestions
    below:
    > > I've been on the phone with MS Support most of the day and we got the
    > > problem fixed. Although I am embarrased by what the problem turned
    > > out to be, I wanted to make sure I thanked both Ace and Kevin, and
    > > let the group know what the problem was.
    > >
    > > About three weeks ago, we uninstalled Zone Alarm from some of our
    > > boxes. As it turns out, the Zone Alarm uninstall doesn't work very
    > > well. As a matter of fact, it didn't seem to uninstall much at all,
    > > particularly some dll's and one .sys file in the System32 directory.
    > > Once these files were removed, the problem was solved. These were
    > > not files that showed up in "Services" or any other place we
    > > initially looked to see what might be the problem...it essentially
    > > required going through the System32 directory, one file at a time,
    > > and determining what the purpose of each dll/sys file was for.
    > >
    > > So anyway, please accept my thanks for your help. I really
    > > appreciate the time you took in trying to resolve this issue.
    > >
    > > Dan Johnson
    >
    > Dan, can you let us know what exact files you and PSS found that were
    > causing this?
    >
    > Thanks!
    >
    >
    > --
    > Regards,
    > Ace
    >
    > Please direct all replies ONLY to the Microsoft public newsgroups
    > so all can benefit.
    >
    > This posting is provided "AS-IS" with no warranties or guarantees
    > and confers no rights.
    >
    > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > Microsoft Windows MVP - Windows Server - Directory Services
    >
    > Security Is Like An Onion, It Has Layers
    > HAM AND EGGS: A day's work for a chicken;
    > A lifetime commitment for a pig.
    > --
    > =================================
    >
    >
Ask a new question

Read More

Internet Explorer Microsoft Windows