Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

W2K server has lost Internat connectivity not like Waijai

Status
Not open for further replies.
Thresholder

Thresholder

Instructor
May 15, 2003
5
GB
I run a school network, 60 w/s. Received e-mail from LEA ref Blaster worm applied SP4 and hotfixes to avoid this and screwed up my network!!! Lost half w/s connections and internet.
Server has 3 nics, one to outside world others form hardware firewall, or so I was told. Have lost connection to one of the nics. Not the outside world, I can ping out. Seems to be a problem with services. RPC appears not to be working although apparently started. Trouble is the menu is greyed out when I try to check it. Is this normal? Tracking back on the dependancies shows that the RPC service is at the root of other services not started. All nics reported enabled and working.

I tried to uninstall SP4. It refused even tho' I backed old files. Done a repair on W2K. Restored from tape & got back connectivity to all w/s but not internet?

Anyone got any ideas? Do I need/can I reinstall RPC?
 
Sort by date Sort by votes
Why do you have a 3 nics? Is your server in DMZ and is it a webserver? 1 NIC to router and the 2 NICS that's connected to 2 firewall means 2 network segments. Can explain your network layout/diagram?
 
Upvote 0 Downvote
Go look at my post here at: thread96-656362 if this is the same issue you are having. In my case the NIC worked, and ping to an IP address worked, but no name resolution was possible so the lookups failed.

The fact that the RPC is not working smells a lot like a SoBig or Welchia virus problem, so be sure to check that first.

I do not understand your network configuration and that might give some insight if you could provide a littler more configuration information.

David
 
Upvote 0 Downvote
ricpinto
I have know idea why it was set up like this. Before my time ordered by others installed by Canon. The motherboard mounted nic is connected to an ISDN modem. The system has two switches, one nic is connected to one switch and the other is connected to the other switch. There is an uplink cable between both switches. As far as I can see both the switches, and the server, must be in a permanent state of confusion with regard to address allocation as any workstation seems to be able to communicate with both switches at once.
No the server is not a Web server and is not in DMZ. Mind you, you are getting out of my league when you start talking about these things.
Regards
Thresholder
 
Upvote 0 Downvote
Ok. I guess/see your network setup. For the RPC problem goto and apply the patch but before that remove your connection to cable modem physically and also remember don't upgrade the sp to sp4 yet, sp2 will do. Where's the firewall in your configuration, you have a very minimal chance of blaster infection if as you're told you have one.

Begin troubleshooting your net connection from the server, Make sure physical connections are OK, like if you plugin a cable to NIC it will have a green light from the LED, the same as the switch, it also have a green light to it's corresponding port number.

1. Post the result of Ipconfig/all

2. Ping ip address and domain names. Ex.( Ping 216.109.118.70 and ping What's the result?

3. Check DNS, download netdiag.exe and run netdiag/fix, what's the result of NSLOOKUP?


What I'm afraid is we're in diff time zone, I'm in GMT +8. Respond to everybody who are on line so you can get help at once. I guess by this time you already re-install everything :(.
 
Upvote 0 Downvote
From your network description, it appears that the server in question IS YOUR FIREWALL! The network makes perfect sense. Note, it appears that you may have multiple problems, not just a bad NIC issue.

The ISDN is your connection to the Internet,through the server (which is your hardware firewall), and the two other LAN connections to the switches are the Internet access through the server\Firewall in question. The cross connection between the two switches just reduces local traffic from having to route through the server for everything, reducing the load on the server, and the two NICS to the different switches improves the server performance by passing traffic directly from each switch (outbound only) through its own NIC access.

The network should work just fine as long as each switch uses it server NIC as the gateway for that switch, and the Server ONLY has a gatway address on the NIC to the ISDN.

This configuration should work fine even if one of the Switch/server link NICS goes bad, since the switches should be able to route around the NIC problem by going through the other switch via the uplink cable connecting the two switches.

First test: Verify that the server itself can browse the Internet via the ISDN link. Since you said half the network lost access, I do not expect this to fail. Then ping from the server to each of its NIC card addresses to verify the Server can see all three cards. Next ping from the server to the Switch port addresses to see if the issue is at the switch instead (or the cable connecting the two).

Next, refer to the following: Call the NIC0 the ISDN connection, NIC1 the NIC to switch 1, and NIC2 the NIC to and switch2. From a system on Switch1, ping in order to the IP address of NIC0, NIC1, NIC2. Do the same with a system connected to Switch2. If all work, it demonstrates the redundancy is working. If not, then your problem may be at the switch, not the server end.

A failed NIC toward the server (note: it could be either the Server or switch NIC) should not stop half of the network from internet access. A bad cross connect plus a bad Server link to either switch would block half the users. The routing tables in the switches should route Internet traffic to the server NIC first, then to the other switch second.

Now do the test again , but disconnect the link between the switches. If all still works, then all the NICs are accessable and working. If not, you will have found a possible bad connection between the switch which cannot ping and the server. Could be a bad port on the Switch, bad cable, or bad NIC at the server.

AT this point I would try a new NIC card or another switch port for the link which does not work. If the new NIC is now reachable, you still have the issue of why the uplink path does not work, and other than replacing the uplink cable between the switches (and checking that the port being used on each switch is correctly set to work as an uplink!!!) and testing again by disconnecting one switch at a time from their server link.

I suspect that your uplink is not working AND you have a NIC or server to switch connectivity issue. The Uplink only becomes obvious because of the failed NIC link and the failed uplink will block half of the users (those on the switch which has BOTH problems.).

Let us know what you find.

HTH

David
 
Upvote 0 Downvote
Hey thanks to all you guys.
I've got a heck of a lot to check out now but I'll come back as soon as I can with the results.
Thanks again
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MaioMaio
  • Locked
  • Question
Server Remote Desktop License
Replies
0
Views
387
MaioMaio
MaioMaio
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
470
Aquiles Vidal
Aquiles Vidal
microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
410
microsGuy16
microsGuy16
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
604
suncit
suncit
antonio_dsanchez
  • Locked
  • Question
post-installation WSUS windows server 2016
Replies
0
Views
394
antonio_dsanchez
antonio_dsanchez

Part and Inventory Search

Sponsor

Back
Top