General discussion
-
CreatorTopic
-
August 19, 2004 at 6:46 am #2290178
www.www.microsoft.com.org
Lockedby mkfme · about 19 years, 7 months ago
I’m setting up a Win2K3 terminal services network and yesterday afternoon my test clients started getting redirected to microsoft.com.org when trying to access msn or microsoft.com. I found a couple of references on the Web but nothing that’s solved the problem. I’ve tried flushing DNS, emptying the cache, checked the Hosts file and I also scanned the system for viruses (none) and installed and ran Ad-aware (nothing remarkable there.) This happens using IE directly from the server or through a TS client. It does not happen from any PC not going through TS.
Topic is locked -
CreatorTopic
All Comments
-
AuthorReplies
-
-
August 19, 2004 at 8:25 am #2710908
Reply To: www.www.microsoft.com.org
by sgt_shultz · about 19 years, 7 months ago
In reply to www.www.microsoft.com.org
i wonder if your browser on server is hijacked? does netscape do this? http://www.pestpatrol.com might be a good resource for the registry entries that might be hijacked
-
August 20, 2004 at 8:42 am #2709841
Reply To: www.www.microsoft.com.org
by mkfme · about 19 years, 7 months ago
In reply to Reply To: www.www.microsoft.com.org
I’ve already run Ad-aware and SpyBot S&D with no luck.
-
-
August 19, 2004 at 10:06 am #2710873
Reply To: www.www.microsoft.com.org
by mikex · about 19 years, 7 months ago
In reply to www.www.microsoft.com.org
since i’m using opera browser, no hijacks issues – 2 years hard internet usage
-
August 19, 2004 at 10:15 am #2710870
Reply To: www.www.microsoft.com.org
by mikex · about 19 years, 7 months ago
In reply to Reply To: www.www.microsoft.com.org
However if you want to clean it Start=>run=>regedit=>F3=>type http://www.microsoft.com.org and delete it when you find it =>F3 again and so on to the end of the registry
-
August 20, 2004 at 8:42 am #2709842
Reply To: www.www.microsoft.com.org
by mkfme · about 19 years, 7 months ago
In reply to Reply To: www.www.microsoft.com.org
I downloaded and installed Firefox but still can’t access MS sites. Will be my browser of choice once problem is resolved.
-
-
August 20, 2004 at 8:16 am #2709847
Reply To: www.www.microsoft.com.org
by zaferus · about 19 years, 7 months ago
In reply to www.www.microsoft.com.org
Go to one of these systems and open the hosts file. By chance is there a static entry for these web sites to an IP?
Also do the same in your DNS that the systems point too. If the browser is not misdirecting, it stands to reason that your name resolution is.
Zaf
-
August 20, 2004 at 8:42 am #2709843
Reply To: www.www.microsoft.com.org
by mkfme · about 19 years, 7 months ago
In reply to Reply To: www.www.microsoft.com.org
This should be the answer but I see no hosts entries to an external IP. I’ve also run ipconfig /flushdns successfully with no change in results. Other thoughts?
-
-
August 20, 2004 at 8:45 am #2709840
Reply To: www.www.microsoft.com.org
by zaferus · about 19 years, 7 months ago
In reply to www.www.microsoft.com.org
I can’t shake the feeling that this is a resolution issue. Do the systems resolve to a server, firewall or ISP for their primary/secondary DNS?
What IP address do you get if you open up cmd and ping http://www.msn.com from a system that doesn’t work. Now compare it to one that does. You won’t be able to get a ping response (MSN blocks ICMP packets) but you should get an IP resolve.
Zaf
-
August 20, 2004 at 9:05 am #2709836
Reply To: www.www.microsoft.com.org
by mkfme · about 19 years, 7 months ago
In reply to Reply To: www.www.microsoft.com.org
The system has 2 nics – internal dns is another in-house server; external dns is at zoneedit. I have a second identical server set up exactly the same way with no problem. When I ping msn.com from my XP workstation I get 207.68.172.246, but when I ping from the affected server I got 0.0.0.0 – Destination specified is invalid. You’re definitely on to something, but what?
-
-
August 20, 2004 at 8:52 am #2709838
Reply To: www.www.microsoft.com.org
by mkfme · about 19 years, 7 months ago
In reply to www.www.microsoft.com.org
To Mikex: I also tried searching the registry as you suggested and found 2 key values with microsoft.com.org. They appeared to be history type entries and deleting them made no difference.
-
August 20, 2004 at 9:14 am #2709830
Reply To: www.www.microsoft.com.org
by zaferus · about 19 years, 7 months ago
In reply to www.www.microsoft.com.org
Hmmm, time to put this under a microscope. What I normally do now is get out a pen and paper and run through the resolution process step by step until I find the culprit. You’ve elimiated hosts, lmhosts and WINS shouldn’t be a factor in this as it is a domain resolve. I would go and check your Primary DNS (first one listed) first; but things may be complicated by the 2nd NIC.
And it’s rather unusual that you get a 0.0.0.0 IP address when it tries to resolve msn.com. This wasn’t what I expected you to get.
With two NICs, you still only have one default gateway, correct? Or do you have any static routes set up? I would like to eliminate this from the equation; can you temporarily disable one of the NICs and see what happens when you ping it or open it in a browser? Then try the other.
I think we’re getting close.
Zaf
-
August 20, 2004 at 11:30 am #2709785
Reply To: www.www.microsoft.com.org
by mkfme · about 19 years, 7 months ago
In reply to Reply To: www.www.microsoft.com.org
First, thanks for keeping at it! I disabled the LAN nic – pinging msn.com returned 207.68.172.246/destination host unreachable. When I disabled the external nic – pinging msn.com returned 0.0.0.0/destination specified is invalid.
The dns on the LAN nic is the ip of another identical internal server. I performed the same procedures on that server and got the following: internal nic – pinging msn.com returns 0.0.0.0/destination specified is invalid; external nic – ping returns ping request could not find host msn.com. On this server I can access all sites.
-
-
August 20, 2004 at 10:19 am #2709809
Reply To: www.www.microsoft.com.org
by mikex · about 19 years, 7 months ago
In reply to www.www.microsoft.com.org
Here’s the link with a detailed explanation how to resolve this problems with IE (well … yeah they’ve respect IE usage a lot):
-
August 23, 2004 at 7:52 am #2711351
Reply To: www.www.microsoft.com.org
by mkfme · about 19 years, 7 months ago
In reply to Reply To: www.www.microsoft.com.org
This is not the problem – thanks.
-
-
August 20, 2004 at 1:03 pm #2709754
Reply To: www.www.microsoft.com.org
by zaferus · about 19 years, 7 months ago
In reply to www.www.microsoft.com.org
Destination host unreachable is a message that you commonly get when a hop in the chain (usually your gateway or the next router) doesn’t know how to direct the traffic. This is very likely a routing/DNS issue.
I have set up people with 2 NICs before but never had a problem…
Can you list for me the IP addresses, subnet masks and especially DNS settings for both of the NIC cards? And tell me the LAN setting for your router. If you are concerned about security change the first three octets to whatever you want but just keep it consistent so I can see what IP’s are on the same networks.
Zaf
-
August 20, 2004 at 1:18 pm #2709746
Reply To: www.www.microsoft.com.org
by zaferus · about 19 years, 7 months ago
In reply to Reply To: www.www.microsoft.com.org
As well, I’m interested in what the DNS settings and default gateway are of the identical server that works. I am guessing you do not use proxy servers?
-
August 20, 2004 at 1:54 pm #2709736
Reply To: www.www.microsoft.com.org
by mkfme · about 19 years, 7 months ago
In reply to Reply To: www.www.microsoft.com.org
We do not use proxy servers. I share a cable connection via a Linksys router with ip 10.10.10.1 – common to all servers and PCs.
Terminal server nic 1: 192.168.15.4, subnet 255.255.255.0, DNS 192.168.15.2
Terminal server nic2: 10.10.10.82, subnet 255.255.255.0, Gateway 10.10.10.1, DNS (ZoneEdit) 69.10.134.196 and 216.122.4.151.
DC server nic1: 192.168.15.2, subnet 255.255.255.0, DNS 192.168.15.2
DC server nic2: 10.10.10.58, subnet 255.255.255.0, DNS (ZoneEdit same as terminal server above.)
The reason for the 2 ip schemes is the 10 dot network is old NT4, the 192 dot is new Win2K3. I’m in the process of phasing out NT4 and converting to terminal services.
Again, your help is greatly appreciated. I’m the IT jack of all trades for a nonprofit human services agency and don’t have the expertise myself to figure this out. – Martin I did make some changes to the first 3 ip octets as you suggested, but they are consistent.
-
-
August 20, 2004 at 2:20 pm #2709732
Reply To: www.www.microsoft.com.org
by zaferus · about 19 years, 7 months ago
In reply to www.www.microsoft.com.org
Glad to help Martin, or at least so far try to help : )
It seems strange that your DG (default gateway) and DNS are the same on a server that does work vs. a server that doesn’t. And yet all of our troubleshooting points to one of these being the issue.
But I’m guessing that the TS server is trying to use your W2K network to get to the Internet.
Typically on a sound W2k network, the only DNS listed is your primary and (if you have one) secondary internal DNS servers, which are normally also your domain controllers.
Then on the DNS servers they will do forward lookups on the Internet DNS. I’m wondering if this has anything to do with your problem.
It’s also possible that by having DNS servers on both subnets your TS server is going to the wrong DNS server to resolve an Internet IP.
You can “cheat” a proper fix of course by editing your hosts.sam file, renaming it to hosts (no extention) and placing it in your windows\system32 folder. In here put the domains that aren’t getting resolved properly and their proper IP. But fixing your design issue is preferable to a sound network.
Can you change your DNS settings the way I described after hours tonight? If you do let me know how it goes.
Zaf
-
August 20, 2004 at 2:31 pm #2709729
Reply To: www.www.microsoft.com.org
by zaferus · about 19 years, 7 months ago
In reply to Reply To: www.www.microsoft.com.org
Martin, I am “assuming” that your W2k is NOT set up as I have described above – which may not be right at all!
But if it is, can you tell me why you have the Linksys router on the subnet of the NT network and not the W2k network?
Zaf
-
August 23, 2004 at 7:52 am #2711352
Reply To: www.www.microsoft.com.org
by mkfme · about 19 years, 7 months ago
In reply to Reply To: www.www.microsoft.com.org
Good morning Zaf – the Linksys router is on the NT subnet because that’s where it was to begin with. The NT subnet is still the “production” network until I get the bugs out of the Win2K/TS network so I can move users. Once the conversion is complete I’ll shut down the NT subnet.
I may not understand your instructions, but the TS server now has the following DNS settings: Primary 69.10.134.196 (ZoneEdit), Secondary 192.xxx.xx.2 (Win2K3 DC). Unfortunately it hasn’t changed anything. What seems odd, as you mention, is that the DC has exactly the same settings and can browse the problematic sites OK. You’re right that the TS server is trying to use the DC to access the Internet, because if I use only the ZoneEdit settings for DNS and remove the DC ip, I can’t browse at all from the TS. I’m very confused.
Is this a DNS issue? If so, why does the DC browse OK with the same settings that don’t work for the TS server? What created the problem – malware or something that I did? Why does it only affect certain sites and not most?
Martin
-
-
August 23, 2004 at 8:40 am #2711329
Reply To: www.www.microsoft.com.org
by mkfme · about 19 years, 7 months ago
In reply to www.www.microsoft.com.org
Don’t know if this is useful, but if I enter the IP 207.46.244.188 I get the MS homepage, but I can’t navigate to any of the links. Also, if I open the last TechNet Flash e-mail the graphical elements aren’t visible, just the red x in a blank box effect.
-
August 23, 2004 at 9:25 am #2711311
Reply To: www.www.microsoft.com.org
by zaferus · about 19 years, 7 months ago
In reply to www.www.microsoft.com.org
Hey Martin, hope the weekend was well – I think I’m going to call this my part time job ; )
But I’m a little stubborn that way to a problem, I like to see it through once I’m committed to it.
This probably doesn’t have anything to do with your problem, but you have what I would consider a small DNS flaw. You should only have 2 DNS entries if you have 2 internal DNS servers. You should have everything point to only your internal DNS with W2k domains and then a “DNS forward” to you Internet IP. Who knows this may actually make a difference to your problem. Fix this and let me know I’ll get my thinking cap on now that I’m on my 2nd cup of coffee.
Zaf
-
August 23, 2004 at 12:38 pm #2711230
Reply To: www.www.microsoft.com.org
by mkfme · about 19 years, 7 months ago
In reply to Reply To: www.www.microsoft.com.org
Zaf – That did the trick! Once I elimated the “small flaw” everthing started working properly. Apparently there was something about the DNS confusion created by using the ZoneEdit IP as primary on one nic and the DC IP as primary on the other that caused the redirection/lack of access. Thank you so much for taking the time to help as long as you did – if I could give you more points I would. Have a great week! – Martin
-
-
August 23, 2004 at 12:38 pm #2711229
Reply To: www.www.microsoft.com.org
by mkfme · about 19 years, 7 months ago
In reply to www.www.microsoft.com.org
This question was closed by the author
-
-
AuthorReplies