IP/Routing Issue Help Needed

Hello Everyone,

I encountered a problem recently which I seem to be stuck on. The problem is isolated to 1 server on a different subnet that I cannot either ping or remote desktop into by IP or Name. We were able to ping other servers on its subnet however. The only way we can connect to it is by remote desktop into a server on its subnet and then remote desktop from that server to the one that cannot be reached. And I tried pinging when actually remote desktop into the one that cannot be pinged to a host on the other subnet and it cannot find it either. I'm thinking this is a DNS issue maybe? I did just recently add a DNS server to the network but I see no errors in the log. The other subnet has its own DNS; however the DHCP is managed by a router. On our subnet though it has a DHCP managed by windows server 2003. Any ideas as to what could have caused this? Only thing that was changed recently was adding a new DNS server that is also a domain controller and backup DHCP to the domain.

Thanks in advance,

win2k8

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

kalebksp

First thing I would check is the computers default gateway. Then make sure that it has the correct subnet mask, I've seen weird things happen with windows machines that had the right IP but wrong mask.

networker050184

kalebksp wrote: »

First thing I would check is the computers default gateway. Then make sure that it has the correct subnet mask, I've seen weird things happen with windows machines that had the right IP but wrong mask.

+1

If it can only communicate with machines on its local subnet then the default gateway is the first thing to check.

Jordus

I agree with the previous 2 posters.

Obviously if you are trying to remote in by IP then it absolutely isnt a DNS issue. DNS isnt even in the equation if you are communicating solely based on TCP/IP.

Basically the problem is that the server doesnt know where to send info to be routed, so it almost has to be the gateway or submask.

jibbajabba

trace / tracert / traceroute is a good starting point ..

win2k8

Thanks for all the tips guys. I checked the subnet mask and default gateway of this unreachable server on another subnet and it matches exactly as another server on that same subnet. I tried tracert from my side and it got past our firewall and then timed out. I tried tracert from its side and i got all responses as timed out. If it was a routing issue why would it be impacting only 1 server's availability? This seems extraordinary wierd. They have a managed firewall so maybe some how they accidentally set their firewall to block all traffic from us only for that server? Thats the only thing I can think of that would be impacting 1 server.

Thanks,

win2k8

Mrock4

Based on your traceroutes, traffic is reaching the destination subnet, but not returning. I think it would be worth a check to see if a firewall rule is in place blocking traffic from the IP of that server to your subnet. If the subnet mask/default GW are right on that server, I would at least give the FW a quick look.

Is there any way you could assign a different IP to that server within your current range on that subnet? If you could, that may bypass any rules that may be in place. If it still doesn't work, that pretty much eliminates the FW theory.

Also, are there any inbound ACL's on the router?

Forsaken_GA

It's probably the firewall, best to ask the customer about it, they may have a very good reason for not wanting that server to be connectable outside of the subnet it's on.

Barring that, check the subnet mask again. Make absolutely sure it's correct. And make sure it's not simply an issue of the switch and/or router not having the proper arp entries.

The quick and dirty test is to ping the default gateway. If you can, then you know the server can reach the exit point for the subnet and the problem is either on the router, or a device the router hands off to. If you can't, that's your problem, if you can't get to the default gateway, there's no way you can pass traffic out of the subnet. If the server has to go through the firewall to get to the default gateway, it's your likely culprit. Try dropping it's rules temporarily to see if traffic will flow then.

Tyrant1919

I would guess it's a Firewall issue. Maybe Virusscan. I learned recently that if there's an unexplainable problem that's been taunting you for a few days, check the virusscan while you're at it.

Throw a packet sniffer on the server giving you problems. You'll really find out what's happening then.

mattrgee

Firewall.