Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cannot ping outside our network

Status
Not open for further replies.
gesalo2004

gesalo2004

Technical User
Sep 22, 2004
17
SA

Dear All,

I cannot ping outside our network from all our workstations(win2k). I can connect to internal PCs and the server(Winnt 4.0 and proxy server 2.0), but while pinging any urls i get a message unknown host whereas internet browsing works fine with all, additionally i cannot download files from any ftp servers which i hope is related to the same problem, there is a message "The folder ftp://xxx.xxx is read only because the proxy server is not set up to allow full access". Please help what could be the problem i am stuck up with this for many days.

All suggestions are welcome.
 
Sort by date Sort by votes
Do you have a firewall between your network and the rest of the world?

If you aren't the network admin and you need to get access to ftp sites I suggest you ask your network admin if its possible and allowed.....and get them to help you.

---
Make the best use of what is in your power, and take the rest as it happens.
 
Upvote 0 Downvote
Just a thought.

Is it set to DHCP? Do an IPCONFIG /ALL and see what the PRIMARY AND SECONDARY WINS Servers are. Find out what it is supposed to be and set it in the properties if your network connection.
 
Upvote 0 Downvote
do you have a default gateway set? the proxy would allow you to browse the internet while if you didn;t have a default gateway then ping wouldn't work
 
Upvote 0 Downvote

Hi , We do not have a firewall

with ipconfig /all, there is no primary and secondary wins servers the report says wins proxy not enabled. But there is preferred and alternate DNS which are from the ISP. Should the DHCP be set to get the ping work ?

The default gateway is set to our proxy server (not isp's) could that be the problem?
 
Upvote 0 Downvote
that might do it since your saying there is no firewall(your network admin might want to address this).
its also has been a while since proxy 2.0 but this setup would work if you had a rule for every protocol in your proxy. to get ping working your going to need to open icmp to be forwarded by proxy just like you have http rules, this also could apply to your ftp problems.
"The folder ftp://xxx.xxx is read only because the proxy server is not set up to allow full access". - sounds like your not communicating with the remote server.
 
Upvote 0 Downvote
As marc says. This problem is to do with the configuration of your proxy server. If you created the rule to allow http (port 80) traffic to pass though the proxy to the internal network clients, repeat the process to allow ftp (port 21) traffic through also. If you wish to ping through it, then enable ICMP traffic too.

Good luck,
Rob.
 
Upvote 0 Downvote
Can I use Ping with Proxy?
This question comes up so often in the newsgroup that it warrants being towards the beginning of the document in a font that everyone will NOT miss (hopefully)

You cannot use ping with an internal client

The Proxy winsock service support both UDP and TCP packets. It does NOT support ICMP packets. Applications like Ping and Nslookup rely on ICMP packets so it is NOT possible to use them with the winsock service. There is nothing an admin can configure on the proxy to change this, the service was just created to work this way.

So what does happen?
When you attempt to ping a host from an internal client you’ll notice that the name does resolve, but you get a destination host unreachable. That is completely normal and expected. The name resolution part of the ping relies on DNS which is supported. The actual sending and receiving of an ICMP echo request is what should fail (destination host unreachable).

So why is there a static filter for ICMP?
As soon as somebody explains that the winsock service does not support ICMP, the next question is “Then why is there a static default filter ICMP?” This is a fair question, but if you understand how static filters work it makes sense. The static filter is there for the proxy server itself and any other servers that may be in a DMZ (see the DMZ section later in this document). The proxy server itself does not rely on the winsock service for it’s network connectivity and is therefore not limited by it. The static filter is there so from the proxy itself a user can use ping.

Is there a workaround?
Not in the true sense. You can do some things as installing a telnet daemon on the proxy server and allowing the users to telnet to the proxy and perform ping from there. I generally do not suggest installing telnet services on the proxy itself. There are some web front ends that you can create allowing users to perform a ping or lookup from a web page. In general though, allowing people to ping opens up security whole and more likely denial of service attacks from the outside.

To read more about this see the following MS FAQ article:
Click to expand...
Source:
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
1
Views
286
pjw001
pjw001
pmonett
  • Locked
  • Question
Cannot install Notes R12 1
Replies
13
Views
244
Rick998
Rick998
gergerdotcom
  • Locked
  • Question
Ping through Host-name
Replies
1
Views
85
goombawaho
goombawaho
keithinoz
  • Locked
  • Question
clean up network locations 1
Replies
3
Views
113
Beilstwh
Beilstwh
DrB0b
  • Locked
  • Question
Issues prioritizing network connections
Replies
2
Views
102
gbaughma
gbaughma

Part and Inventory Search

Sponsor

Back
Top