Skip to main content

networking - Linux clients and Windows Servers can connect but not windows clients

This is driving me insane because I can't make head or
tails of it.



We have two DCs (W2K3 SP1) and I'v
tried this once on each machine as a sanity
check.



DHCP is being served by either one of the
machines and all machines get an address no problem. The servers can connect/ping/browse
to the www and so can all our linux clients. But NONE of our windows clients (all
windows 7).



I can do anything within the
network, I can even ping the firewall/router but nothing from the windows clients is
leaving the confines of our subnet.



I don't get
it. The linux and windows clients are both served from the same DHCP server, the gateway
is the same, everything is the
same.




Anyone care to take a shot at
how to resolve this?



I tried adding explicit
routes at the clients, but still no go.



Some
points that might help:



This is behind a
SonicWall firewall (which I absolutely despise).
The DCs are two VMs on two
different boxes.
DHCP being provided by these VMs. There is maybe 1/2 dozen
other VMs that act as web or database servers and they can all connect to the
internet.
The issue happened this morning (my time is GMT +2) and I think its
a result of issues on the VMs. The domain was built in what I can only kindly refer to
as a patchy manner. Dealing with it is like running my cojones in a
shredder.




Connection has proven to be
an intermittent thing. On several of the Windows 7 clients, connection was restored for
no obvious reason for a few minutes before it went
away.



Nothing has been changed when it comes to
domain policies for at least a few weeks now.



I
can't think of anything else to add, but if there's something in specific, y'all just
ask and I'll be more than happy to provide an
answer.



TIA



SMIM




@John
Gardeniers



I'm at home now so I'll post it
tomorrow when I get to the office, but I did that when I was there and the gateway and
DNS servers are right. DNS resolution is
correct.



This is the ipconfig /all output on one
of the clients that started to work magically after I turned
off the
DHCP



Windows IP
            Configuration

 Host Name . . . . . . . . . . . . :
            TAN-LEN-08

 Primary Dns Suffix . . . . . . . :
 Node Type
            . . . . . . . . . . . . : Hybrid
 IP Routing Enabled. . . . . . . . :
            No
 WINS Proxy Enabled. . . . . . . . : No
 DNS Suffix Search List.
            . . . . . :
            tanasuk.lcl

********************************************************************
Wireless
            LAN adapter Wireless Network Connection:

 Connection-specific DNS
            Suffix . : tanasuk.lcl

 Description . . . . . . . . . . . :
            Intel(R) WiFi Link 5100 AGN
 Physical Address. . . . . . . . . :
            00-21-5D-77-8F-D2
 DHCP Enabled. . . . . . . . . . . : Yes

            Autoconfiguration Enabled . . . . : Yes
 Link-local IPv6 Address . . . . . :
            fe80::c864:eeb4:cb19:40cf%12(Preferred)
 IPv4 Address. . . . . . . . . . . :
            192.168.186.151(Preferred)
 Subnet Mask . . . . . . . . . . . :
            255.255.255.0
 Lease Obtained. . . . . . . . . . : Monday, January 17, 2011
            9:48:50 AM
 Lease Expires . . . . . . . . . . : Monday, January 17, 2011
            2:48:51 PM
 Default Gateway . . . . . . . . . :
            192.168.186.1

 192.168.186.5
 DHCP Server . . . . . . . .
            . . . : 192.168.186.6
 DHCPv6 IAID . . . . . . . . . . . :
            218112349
 DHCPv6 Client DUID. . . . . . . . :
            00-01-00-01-14-4F-8A-A2-00-22-15-EB-3B-2F

 DNS Servers . . . . . .
            . . . . . : 192.168.186.5
 192.168.186.6
 Primary WINS Server . . .
            . . . . : 192.168.186.6
 NetBIOS over Tcpip. . . . . . . . :
            Enabled
********************************************************************


Ethernet
            adapter Local Area Connection:

 Media State . . . . . . . . . . . :
            Media disconnected
 Connection-specific DNS Suffix . :
 Description
            . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E
 Gigabit
            Ethernet NIC (NDIS 6.20)
 Physical Address. . . . . . . . . :
            00-22-15-EB-3B-2F
 DHCP Enabled. . . . . . . . . . . : Yes

            Autoconfiguration Enabled . . . . : Yes


Tunnel adapter
            Teredo Tunneling Pseudo-Interface:

 Media State . . . . . . . . . .
            . : Media disconnected
 Connection-specific DNS Suffix . :

            Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

            Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
 DHCP Enabled. . .
            . . . . . . . . : No
 Autoconfiguration Enabled . . . . :
            Yes


Tunnel adapter
            isatap.tanasuk.lcl:

 Media State . . . . . . . . . . . : Media
            disconnected
 Connection-specific DNS Suffix . : tanasuk.lcl

            Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
 Physical
            Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
 DHCP Enabled. . . . . . .
            . . . . : No
 Autoconfiguration Enabled . . . . :
            Yes



Obviously,
the one I tagged with asterisks is the one we're looking at.



Its right, the gateway should be and is
192.168.186.1, the DNS servers are 192.168.186.5|6 everything is right.



The weird thing is that things started to work
after DHCP server was turned off! In my exasperated attempts, I
even tried a linux server (CentOS 5.3 dhcpd) with the exact same
results.



Any idea guys? I'm stumped and I'd LOVE
to know what the heck is going on.



Here is the
ipconfig /all output off of one of the DCs/DNS
servers




Windows IP
            Configuration

 Host Name . . . . . . . . . . . . :
            TAN-SRV-DC2
 Primary Dns Suffix . . . . . . . : tanasuk.lcl
 Node
            Type . . . . . . . . . . . . : Hybrid
 IP Routing Enabled. . . . . . . . :
            No
 WINS Proxy Enabled. . . . . . . . : No
 DNS Suffix Search List.
            . . . . . : tanasuk.lcl

Ethernet adapter Local Area Connection
            2:


 Connection-specific DNS Suffix . :

            Description . . . . . . . . . . . : Citrix XenServer PV Ethernet Adapter

            Physical Address. . . . . . . . . : A2-A9-A1-B4-FA-08
 DHCP Enabled. . . . . .
            . . . . . : No
 IP Address. . . . . . . . . . . . : 192.168.186.6

            Subnet Mask . . . . . . . . . . . : 255.255.255.0
 Default Gateway . . . . . .
            . . . : 192.168.186.1
 DNS Servers . . . . . . . . . . . :
            192.168.186.5

            192.168.186.6



and
this is off of my local linux laptop (ifconfig
eth0)



eth0 Link encap:Ethernet
            HWaddr 00:16:6f:55:07:e3 
 BROADCAST MULTICAST MTU:1500 Metric:1
 RX
            packets:304 errors:0 dropped:0 overruns:0 frame:0
 TX packets:61 errors:0
            dropped:5 overruns:0 carrier:0
 collisions:0 txqueuelen:1000 
 RX
            bytes:47811 (47.8 KB) TX bytes:12238 (12.2 KB)

 Interrupt:22
            Memory:bc007000-bc007fff


(less
/etc/resolv.conf)



# Generated by
            NetworkManager
nameserver 192.168.186.5
nameserver
            192.168.186.6



and
(route -n output)



Kernel IP
            routing table
Destination Gateway Genmask Flags Metric Ref Use
            Iface
192.168.186.0 0.0.0.0 255.255.255.0 U 1 0 0 eth1
192.168.122.0
            0.0.0.0 255.255.255.0 U 0 0 0 virbr0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0
            0 eth1
0.0.0.0 192.168.186.1 0.0.0.0 UG 0 0 0
            eth1



As you
can see, this is insane!



There is something I
have noticed since the problem has now become intermittent. Some Windows 7 laptops will
connect, others will not and some will connect for a bit and then just
forget.



They connect perfectly fine locally. And
though they have a gateway defined, its almost as if they don't know how to reach it.
Trying a tracert, I get a timeout from the first hop, but not so on the *nix clients
(CentOS, several Ubuntu, several Mac OS X). Could this be a DNS issue? as in both DCs
aren't synching properly?

Comments

Post a Comment

Popular posts from this blog

linux - iDRAC6 Virtual Media native library cannot be loaded

When attempting to mount Virtual Media on a iDRAC6 IP KVM session I get the following error: I'm using Ubuntu 9.04 and: $ javaws -version Java(TM) Web Start 1.6.0_16 $ uname -a Linux aud22419-linux 2.6.28-15-generic #51-Ubuntu SMP Mon Aug 31 13:39:06 UTC 2009 x86_64 GNU/Linux $ firefox -version Mozilla Firefox 3.0.14, Copyright (c) 1998 - 2009 mozilla.org On Windows + IE it (unsurprisingly) works. I've just gotten off the phone with the Dell tech support and I was told it is known to work on Linux + Firefox, albeit Ubuntu is not supported (by Dell, that is). Has anyone out there managed to mount virtual media in the same scenario?
Post a Comment
Read more

hp proliant - Smart Array P822 with HBA Mode?

We get an HP DL360 G8 with an Smart Array P822 controller. On that controller will come a HP StorageWorks D2700 . Does anybody know, that it is possible to run the Smart Array P822 in HBA mode? I found only information about the P410i, who can run HBA. If this is not supported, what you think about the LSI 9207-8e controller? Will this fit good in that setup? The Hardware we get is used but all original from HP. The StorageWorks has 25 x 900 GB SAS 10K disks. Because the disks are not new I would like to use only 22 for raid6, and the rest for spare (I need to see if the disk count is optimal or not for zfs). It would be nice if I'm not stick to SAS in future. As OS I would like to install debian stretch with zfs 0.71 as file system and software raid. I have see that hp has an page for debian to. I would like to use hba mode because it is recommend, that zfs know at most as possible about the disk, and I'm independent from the raid controller. For us zfs have many benefits,
Post a Comment
Read more

apache 2.2 - Server Potentially Compromised -- c99madshell

So, low and behold, a legacy site we've been hosting for a client had a version of FCKEditor that allowed someone to upload the dreaded c99madshell exploit onto our web host. I'm not a big security buff -- frankly I'm just a dev currently responsible for S/A duties due to a loss of personnel. Accordingly, I'd love any help you server-faulters could provide in assessing the damage from the exploit. To give you a bit of information: The file was uploaded into a directory within the webroot, "/_img/fck_uploads/File/". The Apache user and group are restricted such that they can't log in and don't have permissions outside of the directory from which we serve sites. All the files had 770 permissions (user rwx, group rwx, other none) -- something I wanted to fix but was told to hold off on as it wasn't "high priority" (hopefully this changes that). So it seems the hackers could've easily executed the script. Now I wasn't able
Post a Comment
Read more