Strange Issue with websites

[Mtaylor511]

Ok I have a weird problem with a machine that even after re-imaging hasn't gone away.

Problem:

1. Some internal Intranet sites are not accessible when using the 10/100/1000 NIC in the Laptop, including one used to connect to a Central citrix Farm.

2. Patching the machine to a DMZ on an external firewall does not allow access to any websites, despite this working earlier.


Tried:

1. Disconnect the NIC and use WiFi....can access all internal Intranet sites and websites.

2. Logon as a different user with NIC enabled..still cannot access Internal Intranets when on LAN or websites when connected to DMZ.

3. Swap the hard drive to another identical machine...CAN access Internal Intranet sites when on LAN but still no websites via the DMZ.

4. Logon to a totally different machine as the same user, using the same ports and cables both for LAN and DMZ connection...everything works fine...Internal Intranets and websites through DMZ fully available.


I thought it could be a MAC Address issue...but seeing as the LAN is managed by us and we have blocked nothing, although the Internal Intranets are part of a central group network, and that our DMZ/Firewall is managed by a 3rd party that only block things we tell them too this seems strange...The later could also not be a MAC issue considering a different machine was used, albeit with the same hard disk in...the MAC address would be different, so why still no websites on DMZ.

At the moment we've assumed some form of hardware issue and have asked for a replacement...but not convinced

 

[linney]

Some Nvidia Network Adapters were causing problems due to some firewalls included in their software, are you using such an Adapter or Chipset?

Got Network issues and nForce Chipset...
thread1583-1437402

A Hidden Personal Firewall - The nVidia nForce Network Adapter

http://networking.nitecruzr.net/sea...+Firewall+-+The+nVidia+nForce+Network+Adapter

Does adding any site to the Trusted Site list of IE make any difference?

Have you checked access via "Safe Mode with Networking"?

 

[Mtaylor511]

The network card is a Broadcom card..so shouldn't be a device issue.

Adding sites to Trusted does nothing.

However, Safe mode with Neworking does.

In the above mode access to local Intranets when connected on the LAN still does NOT work.

BUT access to web sites when conencted to the DMZ does work...trying to work out what could be loaded in addition when in Normal Mode that would affect that.

I'd aslo note that during tests Windows Firewall has been on and off.

 

[Sympology]

I'd aslo note that during tests Windows Firewall has been on and off.

Turned off or the service shut down? These have different effects.
We have a strange one, where the app need the firewall OFF, but the service RUNNING. If you turn off the service, it cripples the app.

Are you using DHCP or Static addressing? If using Static, is the DNS entry correct?


Can you get to the pages via the ip address? e.g

http://192.168.1.10/home?

Is any anti spoofing turned on the firewall?



Most people spend their time on the "urgent" rather than on the "important."

 

[Mtaylor511]

Just turning the Firewall off in security settings not the service itself to be honest.

It's using DHCP on a corporate network and I've flushed the DNS and rebuilt WINSOCK

Haven't tried getting somewhere by the IP address yet but will do.

Yeah Anit-spoofing is turned on for the Firewall but it is in Safe mode as well, and when the connection is via WiFi and not NIC

 

[Mtaylor511]

Can't get to sites using IP address, can't ping either.

Update Broadcom Driver..no change

 

[Mtaylor511]

OK....in case this may help someone....we use Checkpoint SecureClient for access to our network over broadband etc.

If I am connected on the Corporate LAN via the Wired NIC, full access to shares etc so I am authenticated correctly, I can NOT get to any Intranets/Corporate Portals.

Remaing connected on the Wired LAN if I run SecureClient and connect I CAN get to the Corporate Intranets/Portals.

Ive even changed the SID on the PC as a wild stab...doesn't change anything.

 

[linney]

If "Safe Mode with Networking" is giving some access, can you isolate it further as to what might be blocking access?

310353 - How to Perform a Clean Boot in Windows XP

http://support.microsoft.com/default.aspx?scid=kb;en-us;310353&FR=1&PA=1&SD=HSCH

316434 - HOW TO: Perform Advanced Clean-Boot Troubleshooting in Windows XP

http://support.microsoft.com/default.aspx?scid=kb;en-us;316434&FR=1&PA=1&SD=HSCH

310560 - How to Troubleshoot By Using the Msconfig Utility in Windows XP

http://support.microsoft.com/default.aspx?scid=kb;en-us;310560&FR=1&PA=1&SD=HSCH

The difference between disabling everything in MsConfig and using Safe Mode would be that Safe Mode does not load drivers. This is an indication of perhaps a driver problem.

Try running ChkDsk to check your drive for errors. Right-click your Drive icon/ Properties/ Tools/ Error Checking. Select both boxes.

Run the System File Checker program from the Run Box by typing.....Sfc /Scannow in it and have your XP CD handy.

HOW TO: Verify Unsigned Device Drivers in Windows XP

http://support.microsoft.com/support/kb/articles/q308/5/14.asp

Are there any additional clues in the Event Viewer?

 

[Mtaylor511]

It's a corporate machine so no XP CD..machines are Ghosted or installed from the on disk software.

Chkdsk showed nothing to be honest and the NIC driver had already been replaced, not sure what other drivers would affect the wired card but not the wireless card to be honest

 

[Mtaylor511]

I have also now checked this pc on a standard BT broadband connection.

Again it will not connect to any websites.

 

[BadBigBen]

As a test, you could try to change the MAC address of the build in card to one PC that works (make sure that PC is offline during the test), to see if MAC filtering is the culprit...



Ben

"If it works don't fix it! If it doesn't use a sledgehammer..."

 

[Mtaylor511]

well this HDD in a different PC produces similar issues...that would be different hardware and MAC...I'm thinking it's driver or something related now

 

[Mtaylor511]

ok def not the MAC address...had the board replaced now and problem still exists...it's software

 

[BadBigBen]

Then I'd go ahead and run SFC /SCANNOW from a CMD window (CLI), this will check for corrupted system files...

also a CHKDSK /F (/R) could not hurt...

and if those do not alleviate the problem, then a REPAIR INSTALL is in order...

How to perform an in-place upgrade (reinstallation) of Windows XP

http://support.microsoft.com/kb/315341

Ben

"If it works don't fix it! If it doesn't use a sledgehammer..."

 

[Mtaylor511]

get an erroer message saying the RPC Server is unavailable when I run SFC

 

[linney]

Is your whole problem caused by an issue with Certificates?


Trusted root certificates that are required by Windows Server 2008, by Windows Vista, by Windows Server 2003, by Windows XP, and by Windows 2000

http://support.microsoft.com/kb/293781/

A manual visit to Windows Updates and checking the none security, recommended updates, will always offer you a download of "Root Certificates" too.


RPC server is unavailable
thread779-1218424

http://www.google.com/search?q=RPC+Server+is+unavailable+when+I+run+SFC&rls=com.microsoft:

 

[Mtaylor511]

hmmm not sure how it would be...to recap

connected to Corporate LAN Internet sites work Intranet sites don't.

Connected to Corporate LAN and run secure client...ALL sites work.

Connected to Broadband/DMZ NO sites work

Boot PC in SAFE mode with Networking on Broadband/DMZ internet sites work and through secureclient Intranet sites work

If certificate based this would be in place for all the above.

 

[Mtaylor511]

OK so enough was enough..after trying all the above and to no avail...the machien was rebuilt from scratch NOT using GHOST.

And now all is fine