I have a couple of computers that are acting strange and can’t figure this one out. They will connect to the network and show connected to the internet but no website will open. I can ping web addresses and get a response. I can remote into the computers from another computer so the network connection is good. However, cannot get to any internet site. This is a hardwired connection and not wifi. I have tried the following:

  1. Flushed the DNS with ipconfig /flushdns
  2. Removed the NIC card from device manager and re-added.
  3. Checked the driver of the NIC card.
  4. Unplugged a network cable from computer next to one of them that works and plugged into the one not working and still doesn’t work.
  5. Ran network troubleshooter and it says connection is fine.
  6. Ran netsh int ip reset and netsh winsock reset
  7. Restarted computer many times.
  8. Cleared the arp cache on the PC

I’m thinking it is the network card itself but it is strange that 3 computers out of 4 started doing this at the same time. All 4 computers are connected to the same network switch. I have restarted the network switch also. 1 computer works fine but the other 3 have no internet.

4 Spice ups

When troubleshooting a problem on multiple systems, always try to find the common points of configuration. It certainly could be a DNS thing, but that’s not the only option. In this case an equally likely point would be the router/firewall, which would be the final hop before exiting to the Internet, or IP configuration. Unlikely to be the switch unless it’s a managed switch, and in a network that small it would be strange to find one.

Do these PCs use DHCP for IP assignment? Have you checked their IP configuration (ipconfig /all) to verify that they have the correct Default Gateway, Subnet mask and DNS server assignment? If DHCP and any of those are incorrect, then your DHCP config could be off.

Very unlikely that 3/4 ethernet cards would go bad at the same time. It’s almost never the hardware for something like this.

2 Spice ups

  1. What DNS do they get?
  2. If you don’t use a proxy, do these IPs have internet access through the firewall?
  3. If you do use a proxy, do they get the correct config?
  4. What reply do they get if they ping google.com
  5. Is anything on their local firewall blocking access?
  6. Are they running W11 24H2 - there are known issues with networking on this OS. Grab the drivers from the manufacturer, not Microsoft update.

1 Spice up

Yes, they all get ip from DHCP. They all get the correct subnet and gateway. The 3 that don’t work are on the same subnet and gateway as the one working.

1 Spice up

Thanks for the suggestions.

  1. It is a local DNS server. All 4 use the same ip configuration (DHCP, subnet, gateway, DNS are all set the same) 1 computer works, the other 3 do not.
  2. Do not use a proxy, firewall is turned off
  3. Do not use a proxy
  4. I can ping google.com and get a valid response and the correct ip address
  5. Local firewall is turned off
  6. I will try your suggestion of getting driver from manufacturer. Although the computer that works has the same driver as the others that do not work.

1 Spice up

  1. Local DNS being? The DC? As a test, set one to external DNS (note this isn’t good practise, but as a test) and see how it behaves.
  2. For firewall, in this instance I mean your corporate one, have you done any firewall traces?
  3. Not a good idea, but if this is while you test, confirm it’s not blocking, it can be disabled/off and still block.
  4. True as that may be, we work in a world where things don’t always go as planned, nor do they always have explanations.

You never clarified the OS, so can you confirm this is W11 24H2 or something else.

Is there any VPN in use or could the proxy be set to something fake?
Does the user use any ad-blockers, if so, turn them off.

1 Spice up

Have you tried a different browser?
Sometimes browsers have issues with their DNS that can precede the PC’s DNS.

1 Spice up

Even if you are not using one, check the proxy settings in Settings, Network and Internet > Proxy. I have seen “Automatically Detect” cause this issue.

2 Spice ups

I think it is safe to say DNS working is an all or nothing situation. What I mean by that is if it can resolve one address (you said Google did) then DNS resolution is in fact working on the local machine. It is pushing requests out fine. The next step in the chain is where to look next.

For giggles, have it resolve to 8.8.8.8 and 1.1.1.1 by putting them in manually. Just for now, to see if DNS resolves again.

1 Spice up

Thanks for the info.
Yes, the OS is W11 24H2.
I have tried multiple browsers (Edge, Chrome, Firefox) and none will work.
I turned off “Automatically Detect” in proxy setting to test but still no go.
I manually changed DNS to 8.8.8.8 and also 1.1.1.1 but still doesn’t work.

I did find something that may be the issue. I ran a traceroute to google.com from the one that works and one that does not. They are going through different routes at the 2nd hop (we have 2 internet providers to the firewall). Looks like maybe one route is the issue. Will start digging into that.
Thanks for the info.

3 Spice ups

I’m curious now. Where does the 2nd step resolve? Can you post a list of each resolving?

1 Spice up

Does the firewall support dual active ISP?
Perhaps try disconnecting that second ISP and re-testing to see if it solves the problem.

2 Spice ups

Yeah. If the traffic is exiting from two different public/ISP IPs you’ll have disparate paths. Not much of anything requiring TCP will work. Need to either prioritize one connection over the other, or do BGP or something, but that would be atypical for a small network.

1 Spice up

I’m not sure I agree with that. In one school I worked at long ago, we had a T-1 line and Comcast internet. The firewall managed the connection and things went out both ways to balance traffic. It all worked. Of course, if what he is saying is there are 2 different ISPs and traffic does not leave through a common gateway, then yeah. He’s lucky anything works ever. :)

1 Spice up

I would disagree with this a little.

DNS resolution (port 53) can work, but access to those sites (port 80/443) may still be blocked.

It may be a routing issue, but I would start by running a packet capture or firewall log trace for this IP. I expect it may be blocked or not allowed.

1 Spice up
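
The layered check this thread works through by hand (name resolution, ping, the web ports, then the first hops of the route), as an added example that is not part of any poster's reply. The parameter names and the hop limit are assumptions; the target and ports are the ones mentioned in the thread.

```powershell
# Added example: run on a working PC and on a failing PC, then compare the two outputs.
param(
    [string]$Target = 'google.com',   # host the thread pings and traces
    [int[]]$Ports   = @(80, 443),     # web ports named in the thread
    [int]$MaxHops   = 5               # assumption: enough to see the 2nd hop
)

$result = [ordered]@{
    Computer = $env:COMPUTERNAME
    Target   = $Target
}

# Layer 1: name resolution through the DNS server the adapter is configured with.
try {
    $a = Resolve-DnsName -Name $Target -Type A -ErrorAction Stop |
         Where-Object { $_.IPAddress } |
         Select-Object -First 1
    $result['ResolvedIP'] = $a.IPAddress
} catch {
    $result['ResolvedIP'] = $null      # resolution itself failed
}

# Layer 2: ICMP echo, the same thing "ping google.com" tests.
$result['Ping'] = Test-Connection -ComputerName $Target -Count 2 -Quiet

# Layer 3: a full TCP handshake on each web port. This is the layer that
# fails in the thread while layers 1 and 2 succeed.
foreach ($p in $Ports) {
    $t = Test-NetConnection -ComputerName $Target -Port $p -WarningAction SilentlyContinue
    $result["Tcp$p"] = $t.TcpTestSucceeded
}

# Path: record the first hops so the two machines can be compared.
# A different 2nd hop means the firewall is sending them out different uplinks.
$trace = Test-NetConnection -ComputerName $Target -TraceRoute -Hops $MaxHops -WarningAction SilentlyContinue
$result['FirstHops'] = ($trace.TraceRoute -join ' > ')

[pscustomobject]$result
```

If `ResolvedIP` and `Ping` are good on both machines but the `Tcp` fields are `False` only where `FirstHops` differs, the next place to look is the firewall log or a packet capture for that uplink.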

Wouldn’t DNS still resolve at the command-line even if 80/443 were blocked?

1 Spice up

It can be done, but you’d need a stateful router/firewall configured to do it, or as alluded before BGP. Sounds like it may not be set up that way, but rather it’s just round-robin’ing the traffic to “load balance.” I’m only speculating.

1 Spice up

Right, that’s what we did. If they are "wild west"ing it, then “Houston, we found our problem.”

1 Spice up

Thanks for all the info. I have found the problem. It was one of the internet connections. I disabled the port for the 2nd internet to force all traffic out one provider and it is working now.

4 Spice ups

If you haven’t already, run ipconfig /all to verify all the correct info.

If it all looks correct, try changing the DNS server on that machine to 8.8.8.8 just to see if it works.

If it does, there is an issue with your DNS.

1 Spice up