Can't ping or connect to external network devices

[split63]

I have a relatively new windows Server 2003 system install that can successfully get its complete IP address config via DHCP from a local router. So the hardware and IP stack are good. I can ping the IP address of the NIC card. I can't ping the IP address of the router or any other device on the local network. I just get "Destination Host Unreachable" Nor can I connect to the web with a browser. The Firewall is off.
Looking at the NIC cards status, when I ping or try to browse, no packets are sent. If I ping the server from another PC, I see that the NIC card is receiving those packets, but it does not echo them back.

If I boot into Safe mode with Networking, I can ping and connect to external devices just fine.

Something is blocking the traffic or the Stack is not bound to the NIC card. Help...I've hit a wall.

 

[gmail2]

I'm curious why you're using the router as your DHCP server and not your domain controller? Obviously your clients are using your DC as their DNS server, right? So it would be better to use DHCP on there also so that your clients would get registered in the DNS server.

Anyway, about your issue.
>> I can ping the IP address of the NIC card
You mean you can ping the NIC of the local PC and it replies? But you can't ping any other devices on your LAN, is that correct? Have you checked that the subnet mask is definitely correct on the clients and that they are definitely in the same subnet (not physical subnet, but IP subnet). If you clear the ARP cache (arp -d *) and then ping to another client on your network (that you know is switched on) then wait for it to time out and do arp -a afterwards, is there an record in the arp table for the client you just tried to ping to? If not, then it sounds like layer 2 isn't working as it should (when you send a request to another client on the same LAN, the first thing it does is ask for that client's MAC address).

Could you also post the results of ipconfig and "route print" from the two PC's (assuming you're using private IP addresses that is)

Irish Poetry - Karen O'Connor
Get your Irish Poetry Published
Garten und Landschaftsbau

 

[split63]

gmail2,

Remember that I change nothing and just go into safe mode and it all works. Meaning it gets the same DHCP config in safe and normal modes

IPCONFIG /all:
Host Name : Hedwig
Primary DNS SUffix : Theowlery.local
IP routing enabled : No
Win Proxy enabled : Yes
DNS suffix search : Theowlery.local

Physical address : 00-07-E9-26-B3-C2
DHCP enabled : Yes
Auto config enabled: yes
IP address : 10.0.0.4
Subnet Mask : 255:255:255:0
Default GW : 10.0.0.1
DHCP server : 10.0.0.1
DNS server : 10.0.0.1
Lease obtained : Tuesday July 10, 2007 8:24 AM
Lease expires : Wednesday, July 11, 2007 8:24


arp -d *
ping 10.0.0.1
"Destination Host Unreachable"
arp -a
"No arp entries found"

The OS does not even attemp the arp.
The trace route is also empty only showing the local host.

 

[gmail2]

Sorry, you're right - I think I slightly mis-read your initial post. Just to confirm, your router is 10.0.0.1 and your server is 10.0.0.4. By any chance does this server have any AV software installed? Does the user account you're logged in with have local admin rights on that server? I know this is a shot in the dark, but it sounds like MAYBE some service is preventing the traffic from being sent - that's why the arp request is never done because something at layer 1 or 2 is saying no. Try stopping as many services as possible and do a continuous ping (-t option) and see at what point you start to get replies again.

I might very well be completely off the mark here, but I can't think of anything else right now. If I'm lucky enough to have any brainwaves in the meantime, I'll post back

Good Luck

Irish Poetry - Karen O'Connor
Get your Irish Poetry Published
Garten und Landschaftsbau

 

[split63]

Gmail2,
There is no AV software installed. Yes, the router is 10.0.0.1 and the Win 2003 Server is 10.0.0.4.

We are logged in as admin.

I did try limited loading of various services, but this did not get me anywhere. Are you suggesting shutting them down in real time? From Task Manager? The problem with this is that I have no idea what I'm shutting off and if it is important to the OS. But I will give this a try

 

[split63]

I started shuting down service after services. The list was growing short. Then I turned off svchost.exe a SYSTEM process, and the ping starting working.
Note that there were about 6 such system processes.

Does this mean anything to you?

 

[lemapas]

Bonjour,

I had this problem last week, i don't know what kind of router you have, but with mine, i upgrade the firmware and it resolved the problem.

good luck.
Pascal.

 

[split63]

Ok, a little more detective work. I found the specific svchost process. The bad news is that there are a lot of processes under this particular svchost.


svchost.exe 844 AeLookupSvc, Browser, CryptSvc, dmserver,EventSystem, helpsvc, HidServ,lanmanserver, lanmanworkstation, Netman, Nla, RasMan, RemoteAccess, Schedule, seclogon, SENS, SharedAccess,ShellHWDetection, winmgmt, wuauserv, WZCSVC

Everything and the kitchen sink!

Do any of these look suspect? Any idea how I might narrow it down?

 

[split63]

Ok, using MSCONFIG, I went in and unchecked the box next to "Routing and Remote Access". Then rebooted, and it works!

So the $64K question is, what is wrong with this process and how do I fix it?

Thanks

 

[gmail2]

Blimey, you've been busy in the hour that it took me to get home!! Well done, you're 90% there now, all on your own Unfortunately I don't really know much about RRAS, but an educated guess is that the service is changing the routing tables and conflicting with what's there when the service isn't running (which is why it never does the arp check, because it doesn't realize it's on the same subnet) - but that's just an educated guess. I think the next thing you should do is type "route print" from the command prompt with the RRAS service stopped, then start it and do "route print" again. I think you'll find additional entries which may be conflicting but have different metrics.

By the way, what I actually meant was to stop the services from computer management, not from task manager, but hey ... you got the same result in the end

Irish Poetry - Karen O'Connor
Get your Irish Poetry Published
Garten und Landschaftsbau

 

[itsp1965]

Split63, when RRAS is enabled it works as its own DHCP server serving remote clients that access the server. Usually it pulls a set of IP leases from a Windows DHCP server to dole out but since you are using your router as a DHCP server I am guessing it was providing it's own set of IPs. Question is is how was this enabled in the first place.

 

[gmail2]

Any luck split63 ... you got so far yesterday, did itsp's post help narrow down the problem at all?

Irish Poetry - Karen O'Connor
Get your Irish Poetry Published
Garten und Landschaftsbau

 

[split63]

In the end, I just unchecked the routing and Remote access service in msconfig. All was good after that.
How that service was setup and setup wrong I have no idea. But rather than spend hours on it, I decided that unchecking the box was the way to go. Now I'm on to other problems.

Thanks for your help. Your key bit of advice was leaving ping running while shutting down services. That was the ticket.