Announcement

Collapse
No announcement yet.

Clients cannot connect/ping server but Server can ping clients

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Clients cannot connect/ping server but Server can ping clients

    Hello, I have a server that houses DNS, DHCP and AD. From this server I can ping and tracert other server and client machines. However, no machine can ping or tracert this server, be it hostname or IP. I can connect to the server via remote desktop, UNC path and to its shared drives. This has caused an issue with DHCP clients not being able to find the domain when signing in because no connection=no DHCP server thus resulting in each client to give itself the AIPIA address of 169.x.x.x. The clients and the server are on the same subnet with the only thing between them being a Ciso Catalyst 3560 swith. The server is a w2k box and the clients are 2k and XP. For a quick fix I have set each client with a static IP, gateway and DNS server and everything works fine like this. I want it to work right and I want to fix the problem not just put a band-aid on it. Does anyone have any suggestions that I can try?

  • #2
    Re: Clients cannot connect/ping server but Server can ping clients

    When you say ping and tracert don't work do you mean you get a "request timed out"? It would be very strange to get a "request timed out" yet be able to connect via RDP so I think the problem may be either a firewall (Windows Firewall) or TCP/IP filtering on the server that is blocking ICMP traffic but allowing other traffic. I'm at a loss to know why this would affect DHCP as DHCP doesn't use ICMP.

    Comment


    • #3
      Re: Clients cannot connect/ping server but Server can ping clients

      Yes, "Request timed out." It has worked fine for awhile now and all of a sudden Users could not login because of this. They recieved the "xxxx Domain is not Avaiable" error. Thats why I had to give them a static IP to keep them up and running until I could figure this out and fix it.

      Comment


      • #4
        Re: Clients cannot connect/ping server but Server can ping clients

        And you didn't configure a ACL on the switch?
        You didn't have multiple NIC's in the server?
        Have you already tried making a sniffer trace (make a monitor port on the switch) because of the DHCP issue?
        Marcel
        Technical Consultant
        Netherlands
        http://www.phetios.com
        http://blog.nessus.nl

        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
        "No matter how secure, there is always the human factor."

        "Enjoy life today, tomorrow may never come."
        "If you're going through hell, keep going. ~Winston Churchill"

        Comment


        • #5
          Re: Clients cannot connect/ping server but Server can ping clients

          I have made no changes to anything. There is only 1 NIC on the server, please keep in mind that this server is for only about 11 clients at one of our branch sites, I don't believe there is a need for dual NICs, do you?. Everything was working fine until one day I came in and was getting calls that no one could logon to the domain. I logged in as local machine admin, verified what my IP was (169.x.x.x) and since it was, I immedialty went around and statically configured everyones PC to get them off of my back so that I could have time to figure this out.

          Comment


          • #6
            Re: Clients cannot connect/ping server but Server can ping clients

            Originally posted by joey74055 View Post
            please keep in mind that this server is for only about 11 clients at one of our branch sites, I don't believe there is a need for dual NICs, do you?.
            Please keep in mind that seeing as you never mentioned that in the first post how on earth can we keep it in mind?

            I think the dual NIC question was valid as without seeing your setup every avenue has to be investigated. Dual NICs plugged in can mean that DHCP is running on the wrong one, the server has two IP addreses etc for example.

            It could be something as simple as a faulty NIC in this situation.
            If you do have a spare NIC (most server boards have 2 now)?
            If so, then try setting that up as primary, set the IP address etc and then disable the other one. If you have made no changes then this seems a possibility.

            Also, do you have all the current updates for the server OS? The scalable Networking Packfor example has had some features disabled with a recent update and this can cause odd networking issues (if not installed).
            cheers
            Andy

            Please read this before you post:


            Quis custodiet ipsos custodes?

            Comment


            • #7
              Re: Clients cannot connect/ping server but Server can ping clients

              I'd run a trace on the server's nic to see what traffic there is on ports 67 and 68. If you see the Discover packets coming in but no Offer packets going out then make sure your DHCP server service is running.

              Check the event logs to see if there's anything that sheds some light on the issue.

              If the Offer packets are going out then check to see if they're getting to the clients.

              etc. etc. Post back with what you find.


              (ps - if you don't have a packet sniffer you can get a free one from www.wireshark.org or www.microsoft.com)
              Regards,
              Jeremy

              Network Consultant/Engineer
              Baltimore - Washington area and beyond
              www.gma-cpa.com

              Comment


              • #8
                Re: Clients cannot connect/ping server but Server can ping clients

                Originally posted by AndyJG247

                I think the dual NIC question was valid as without seeing your setup every avenue has to be investigated. Dual NICs plugged in can mean that DHCP is running on the wrong one, the server has two IP addreses etc for example.
                True, that's why i've asked the question

                make sure you're dhcp is still running.
                Make sure dhcp is still autorized.
                Marcel
                Technical Consultant
                Netherlands
                http://www.phetios.com
                http://blog.nessus.nl

                MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                "No matter how secure, there is always the human factor."

                "Enjoy life today, tomorrow may never come."
                "If you're going through hell, keep going. ~Winston Churchill"

                Comment

                Working...
                X