General discussion

Locked

Selective TCP/IP question

By wburdine ·
I have two sworkstations on my network that are unable to ping SERVER2, nor can SERVER2 ping those systems. Every system is on the same subnet and all systems can ping each other fine with the exception of these two workstations not able to ping just the SERVER2. The workstations get handed their info via DHCP from another server like all the rest of the workstations and I have plenty of leases available. Any ideas....

This conversation is currently closed to new comments.

10 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by iupgrade In reply to Selective TCP/IP question

Call the workstations that cannot ping SERVER2 WORKSTATION1 AND WORKSTATION2.
1. Please list the IP address and subnet mask of all 3 stations.
2. Are you ping'ing from the DOS prompt? If not, then please do your pings from the DOS prompt, rather than some ping utility.
3. Can WORKSTATION1 ping WORKSTATION2, and vice versa?
4. What is the resulting message on WORKSTATION1 when WORKSTATION1 tries to ping SERVER2? Do you get a time out, or some other message?
5. Is the resulting message the same when pinging between WORKSTATION2 and SERVER2?
6. What about pinging from SERVER2?
7. After trying to ping from each of the 2 work stations and the server unsuccessfully, what does the ARP cache show for each of the 3 machines? From the DOS prompt, type <arp -a> (without the ">" symbols). This will show a table with the MAC address (physical address) and corresponding IP address for each node that you have tried to contact. Does this table show a MAC address for the IP of the unsuccessful pings? If it does show a MAC address, then can you confirm that it is indeed the MAC address of the station you are trying to ping?
8. Try doing a traceroute (from the DOS prompt, "tracert <IP address>") for each of these problem stations, to be certain that you are not crossing a router for some reason.
9. Are any of these work stations, or the server running a software firewall that might be disallowing the traffic, based on IP address, or MAC address?
10. Just to clarify, every station on your network can ping these 3 problem stations, and the 3 stations can ping every other station on the network. The issue is that these 3 only cannot ping each other. Is that correct?
11. Do the 2 problem workstations have anything in common with each other that makes them also different from other stations on the network? Is their operating system different, or are they together in a certain part of the network, or are both of them wireless, ...etc?

Collapse -

by iupgrade In reply to Selective TCP/IP question

Call the workstations that cannot ping SERVER2 WORKSTATION1 AND WORKSTATION2.
1. Please list the IP address and subnet mask of all 3 stations.
2. Are you ping'ing from the DOS prompt? If not, then please do your pings from the DOS prompt, rather than some ping utility.
3. Can WORKSTATION1 ping WORKSTATION2, and vice versa?
4. What is the resulting message on WORKSTATION1 when WORKSTATION1 tries to ping SERVER2? Do you get a time out, or some other message?
5. Is the resulting message the same when pinging between WORKSTATION2 and SERVER2?
6. What about pinging from SERVER2?
7. After trying to ping from each of the 2 work stations and the server unsuccessfully, what does the ARP cache show for each of the 3 machines? From the DOS prompt, type <arp -a> (without the ">" symbols). This will show a table with the MAC address (physical address) and corresponding IP address for each node that you have tried to contact. Does this table show a MAC address for the IP of the unsuccessful pings? If it does show a MAC address, then can you confirm that it is indeed the MAC address of the station you are trying to ping?
8. Try doing a traceroute (from the DOS prompt, "tracert <IP address>") for each of these problem stations, to be certain that you are not crossing a router for some reason.
9. Are any of these work stations, or the server running a software firewall that might be disallowing the traffic, based on IP address, or MAC address?
10. Just to clarify, every station on your network can ping these 3 problem stations, and the 3 stations can ping every other station on the network. The issue is that these 3 only cannot ping each other. Is that correct?
11. Do the 2 problem workstations have anything in common with each other that makes them also different from other stations on the network? Is their operating system different, or are they together in a certain part of the network, or are both of them wireless, ...etc?

Collapse -

by iupgrade In reply to Selective TCP/IP question

Call the workstations that cannot ping SERVER2 WORKSTATION1 AND WORKSTATION2.
1. Please list the IP address and subnet mask of all 3 stations.
2. Are you ping'ing from the DOS prompt? If not, then please do your pings from the DOS prompt, rather than some ping utility.
3. Can WORKSTATION1 ping WORKSTATION2, and vice versa?
4. What is the resulting message on WORKSTATION1 when WORKSTATION1 tries to ping SERVER2? Do you get a time out, or some other message?
5. Is the resulting message the same when pinging between WORKSTATION2 and SERVER2?
6. What about pinging from SERVER2?
7. After trying to ping from each of the 2 work stations and the server unsuccessfully, what does the ARP cache show for each of the 3 machines? From the DOS prompt, type <arp -a> (without the ">" symbols). This will show a table with the MAC address (physical address) and corresponding IP address for each node that you have tried to contact. Does this table show a MAC address for the IP of the unsuccessful pings? If it does show a MAC address, then can you confirm that it is indeed the MAC address of the station you are trying to ping?
8. Try doing a traceroute (from the DOS prompt, "tracert <IP address>") for each of these problem stations, to be certain that you are not crossing a router for some reason.
9. Are any of these work stations, or the server running a software firewall that might be disallowing the traffic, based on IP address, or MAC address?
10. Just to clarify, every station on your network can ping these 3 problem stations, and the 3 stations can ping every other station on the network. The issue is that these 3 only cannot ping each other. Is that correct?
11. Do the 2 problem workstations have anything in common with each other that makes them also different from other stations on the network? Is their operating system different, or are they together in a certain part of the network, or are both of them wireless, ...etc?

Collapse -

by OTL In reply to Selective TCP/IP question

From the DOS prompt type;
TRACERT (server IP address) this will tell you which router/server is blocking access or times out to this server.

Collapse -

by wburdine In reply to Selective TCP/IP question

Thanks for your input, but a text book step by step has already been done. For brief writing purposes I gave the pertinent info needed to diagnosis the problem, but just to clarify again....
1) the workstations can't ping the server in question...no problem pinging each other though.
2) everybody is on the SAME SUBNET and the workstations get their ip's from another server on the SAME subnet through DHCP
3) tracert won't be of any value on the same subnet if you can't ping the machine in the first place.
4) a result of arp-a only shows communication with the DHCP server and nothing else.
5) everything is on STP CAT5e
6) the DHCP server can ping all systems on the subnet no problem. It's the second server on the subnet that these two identically setup workstatons (incl the hardware, software, and OS) can not reach.

Collapse -

by Deadly Ernest In reply to Selective TCP/IP question

Have you checked if SERVER2 can be pinged by SERVER1 and the other workstations?

When ping fails on just one machine my first thought is to see if some sort of firewall or security on the machine being pinged is not accepting or allowing the ping or response, second thought is the for the same sort of protection on the machine doing the pinging.

In the network layout is there a router between these workstations and SERVER2? If so it may be that the router is set not to allow pings in both directions.

Because everybody is getting their infor via a DHCP server I suspect you have ICMP activity restricted in part of the network and that security restriction is between your 2 workstations and SERVER2

Collapse -

by iupgrade In reply to Selective TCP/IP question

Is the switch(s) that the traffic passes through capable of shaping network traffic, either by VLANs,or some other way to disallow this traffic (perhaps based on MAC address)? Since you state that this issue occurs on a flat network, and each machine in question is able to ping all other devices except the problem device, and since IP addresses are gotten via DHCP, then it is logical to assume that one of the stations (probably the server, since it is the common denominator) has a software firewall that is blocking traffic based on MAC address, or else some device in between (like the switch) is blocking the traffic.
Also, I do not believe that you stated what the ping failure message was; whether a "request timed out", or "destination host unreachable" or some other ICMP message.

Collapse -

by iupgrade In reply to

It may be necessary to take a network sniffer trace to determine where the ping request is failing. Ethereal is a good free-ware sniffer program.

Collapse -

by wburdine In reply to Selective TCP/IP question

Well to answer som of your questions....Server1 can ping everything including Server2, all workstations with the exception of the two problem one can ping every thing but Server2. Server2 does not have an active firewall or TCP/IP filtering turned on. There are NO firewalls between any of these systems, they are all on the same subnet connected to the same switch under the same VLAN. When doing a ping from these workstations both come up with 'timed out'. I am upping the points on this one now.... thanks for all your inputs thus far...

Collapse -

by wburdine In reply to Selective TCP/IP question

Point value changed by question poster.

Back to Windows Forum
10 total posts (Page 1 of 1)  

Related Discussions

Related Forums