TCP/IP partly working

[MisterFiz]

There is a Windows 2000 client on our network who has the following problem.
He can ping out to any subnet, logon to the domain, browse the internet, print to network resources, yet when any other client tries to ping him by IP address - it times out (even having changed ping timeout duration and packet size). I understand that he is also having trouble with FTP.
I have tried the following; connected him to an alternative known working LAN cable, ran a service pack 3 update, tried a different network card, stripped and reinstalled TCP/IP, ran the fixblast file in case of virus infection, changed the netbios name and readded into active directory, all to no avail.

I am now of the opinion that the fault is something to do with certain types of ports being unavailable, perhaps something to do with the etc\services file. This is where my knowledge dries up. If a port is not available how do you make it available, is it done by editing the services file? Could I use my own services file to re-enable the ports?

I am desperate to get to the bottom of this as shortly, resolution targets will force me to reinstall the OS just to get the job done. I however would like to bottom this problem once and for all as it is the 3rd time it has happened on my network.
Any advice would be greatly appreciated, many thanks.

 

[itsisnofun]

MisterFiz

Are you running your own dns server. If so check and see that his computer names does not point to another ip address in dns.

Mike

 

[MisterFiz]

Hello itisnofun!
Yep, we do have a DNS server running. If I ping him by netbios name from another subnet, it does resolve to the correct IP address, however, I am pinging him only by IP address in order to rule out DNS issues. If I do an nbtstat -A hostname that also resolves to the correct IP. All would seem to indicate that DNS is ok. I have also checked the DHCP scope and can see his lease disappear and reappear as I manually release then renew his IP.

The problem seems to me that only certain types of 'traffic' are being handled by the client, eg, DHCP is working fine, as is network printing, logon etc, FTP is not working.

I'll buy you a pint if you can fix this one!!!

 

[bcastner]

It is most likely a firewall issue. Watch out for hidden firewalls in antivirus programs. PC-Illan is notorious for doing exactly this with its default installation.

 

[MisterFiz]

Perhaps, although there are hundreds of other clients who all use the same preconfigured AV software with no detrimental effects.
Is there some way of viewing which ports are open/available on the client, or does this require the use of some third party software? And if I find that they are blocked or closed how do I open them, eg. port 8 for ICMP traffic? The client is not running zonealarm or anything similar.
Thanks

 

[bcastner]

PortMon - Port Monitor.

http://www.sysinternals.com

 

[bcastner]

The HOSTS file is not controlling on ports. The only other thought I had was that if the ping is coming from the WAN side and not the local LAN subnet it is not uncommon for ISPs to be blocking ICMP traffic at present. Welchavia and other worms have lead to ping storms and many ISPs are not routing ICMP type 8 requests or all ICMP requests.

 

[MisterFiz]

Turns out that the PC has Cisco VPN installed - but not activated, which binds 'deterministic network enhancer' to the NIC. I uninstalled and reinstalled the VPN software and this has cured it. VPN cant have been letting go of some of the ports.
Hurrahh, I dont have to reload the O/S now
Cool..