Options
Sudden loss of connectivity in our SBS 2011 domain in our company!!!
shanparames
Member Posts: 103 ■■■□□□□□□□
in Off-Topic
Hi
In our company we are having one windows sbs 2011 domain controller and around 50 pcs with windows xp professional sp3 and some laptops with windows 7 professional sp2; Antivirus is symantec endpoint protection loaded in separate pc made server and all are configured ;working perfectly until today afternoon.
All of a sudden lot of calls started coming to IT ROOM complaining about the lost of connection between dc and the clients.We checked the pc's in our IT ROOM for myself and colleague starting to troubleshoot from our pc's since we also lost the connectivity.
* ping not working from any pc to dc
* ping not working with default gateway from the pc's lost connection
*layer 2 connectivity is ensured OK by connecting my pc through live bootcd and ping works with dc,gateway ;I opted for live boot cd since I rebooted my pc and the dc couple of times ;no effect
*default gateway which is our ADSL ROUTER LAN IP is pinging from the DC and internet is working
*DC'S antivirus symantec endpoint protection is stand alone not in sync with the symantec server... and also a client pc which is loaded with kaspersky antivirus also having the same problem....so symantec endpoint protection server possibility can be isolated.
* Restarted the DC and chose last known good configuration also ; same symptom
* found one windows server 2003 loaded as a member server in the domain still working; pinging with the dc;able to access the folders in DC ; afraid to restart and check since on windows xp pc after restarting ; lost the connectivity
N.B: all the clients are getting IP from dhcp in DC
When pinging request timed out is the result and the gpresult of the client pc's give generic failure
The current problem is temporarily solved !!!
I need a permanent solution.
The full details are at Sudden loss of connectivity in our SBS 2011 domain in our company!!! where I posted this issue first
In our company we are having one windows sbs 2011 domain controller and around 50 pcs with windows xp professional sp3 and some laptops with windows 7 professional sp2; Antivirus is symantec endpoint protection loaded in separate pc made server and all are configured ;working perfectly until today afternoon.
All of a sudden lot of calls started coming to IT ROOM complaining about the lost of connection between dc and the clients.We checked the pc's in our IT ROOM for myself and colleague starting to troubleshoot from our pc's since we also lost the connectivity.
* ping not working from any pc to dc
* ping not working with default gateway from the pc's lost connection
*layer 2 connectivity is ensured OK by connecting my pc through live bootcd and ping works with dc,gateway ;I opted for live boot cd since I rebooted my pc and the dc couple of times ;no effect
*default gateway which is our ADSL ROUTER LAN IP is pinging from the DC and internet is working
*DC'S antivirus symantec endpoint protection is stand alone not in sync with the symantec server... and also a client pc which is loaded with kaspersky antivirus also having the same problem....so symantec endpoint protection server possibility can be isolated.
* Restarted the DC and chose last known good configuration also ; same symptom
* found one windows server 2003 loaded as a member server in the domain still working; pinging with the dc;able to access the folders in DC ; afraid to restart and check since on windows xp pc after restarting ; lost the connectivity
N.B: all the clients are getting IP from dhcp in DC
When pinging request timed out is the result and the gpresult of the client pc's give generic failure
The current problem is temporarily solved !!!
I need a permanent solution.
The full details are at Sudden loss of connectivity in our SBS 2011 domain in our company!!! where I posted this issue first
Thanks
Comments
-
Options
undomiel
Member Posts: 2,818
When you say ping isn't working to the dc is this by name, ip address or both. If you run nslookup are you able to pull DNS records from the problem system? Anything interesting in the event logs on the dc? Is the firewall on?Jumping on the IT blogging band wagon -- http://www.jefferyland.com/ -
Options
shaqazoolu
Member Posts: 259 ■■■■□□□□□□
Did anything change on the DC?
Any new policies get pushed out?
What's the topology like?
Are there any layer 3 devices between the DC and the clients? Can the clients reach them?
Do any services besides ping work from client to the DC? If you have telnet enabled can you do that, or SMTP or POP3 or anything?
If the clients are getting IPs through DHCP, can they ping each other?
This is way out there but are you using your DC as a vulnerability scanner? If so that will hose connectivity to your entire domain in a hurry.:study: -
Optionsshanparames
Member Posts: 103 ■■■□□□□□□□
Hi
Thanks for your reply and the link Sudden loss of connectivity in our SBS 2011 domain in our company!!!
will give you all the troubleshoots which I have doneThanks -
Optionsshanparames
Member Posts: 103 ■■■□□□□□□□
Hi
The issue is temporarily solved by disabling some policies of the WINDOWS SBS 2011 but how to solve this issue permanently and what do the disabled policies have in effect with this issue?
Please help me to get the facts
N.B: What is my suspect is something from Symantec Endpoint Protection has changed the firewall settings of the whole network........Thanks -
Optionsundomiel
Member Posts: 2,818
What policies did you disable to remedy the problem?Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
-
Optionsshanparames
Member Posts: 103 ■■■□□□□□□□
Hi
The disabled policies are in green rectangle
Thanks -
OptionsGAngel
Member Posts: 708 ■■■■□□□□□□
shanparames wrote: »Hi
The disabled policies are in green rectangle
The picture doesnt actually say what the policies do -
Optionsshanparames
Member Posts: 103 ■■■□□□□□□□
The picture doesnt actually say what the policies do
Hi
These highlighted policies only disabled for the clients and after doing the resetting of ip & winsock solved the issue.
I don't know the technical details about this group policy objects
To be precise in explanation , these policies are deprived from applying to the clients by disabling thoseThanks -
Optionsundomiel
Member Posts: 2,818
Have you verified that re-enabling the policies cuts off connectivity to the DC? You'll definitely need to pull the settings from the policy to know what is going on in it.Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
-
Options
demonfurbie
Member Posts: 1,819
have you checked the software updates from microsoft, ive had an update once totally mess up my gp and firewall not letting anyone in.
you may also wanna check the firewall settings on the servers (not the hardware ones the windows firewall)wgu undergrad: done ... woot!!
WGU MS IT Management: done ... double woot :cheers: -
Optionsshanparames
Member Posts: 103 ■■■□□□□□□□
This happened suddenly ; all the microsoft updates were at that time not installed; while the network was working without any problem , at the evening 4.06 pm all of a sudden this incident took place.
No error log or any report in the event viewer of the dc
Any idea?Thanks
