Not sure where to begin with this question, so I'll just dive right in. Problem just developed overnight where users had difficulty loggin in or accessing network resources. Initially pinging the clients were unsuccessful by name or address. I was led to believe the problem was in DNS when I cross checked some pings with the -a option from the address I got when pinging by name. The two results didn't match up. So I cleared the cache and scaveneged stale records on the DNS servers, but there's still something going on. For example, on my computer (Windows 7) if I open the Network icon I only see a small handful of hosts, but I can ping many hosts by name and IP. Other hosts I can't ping either way, but they seem to be able to access resources now. I can pingthe DC from my PC, but cannot ping the my PC from the DC. Prior to clearing the cache, I wasn't able to connect to clients via RDP using name or IP, but I can now. So I'm leaning toward a DNS issue, but I'm confused why I can't ping by address on some devices at least. Environment: 2 x 2008 RC2 domain controllers; hosting DNS and DHCP All clients are Windows 7

if ping by ip fails, it cant be a dns issue (at least not the root cause). on the pcs where the ping fails, did you get a ip from your dhcp? what ip does ipconfig shows?

That's what I thought as well. Those machines do get an address from DHCP, even assigned one of them a static in the DHCP range. I can connect to that one by RDP, but I can't ping it's name or address. Forgot to mention these are on VMWare servers and the problem seems to mostly effect the machines on the ESXServers that have a DHCP address. However, even though the DC has a static address, I can still ping it from my physical machine, but not the other ways around. IPconfig on the client machines do show the correct subnet, DG, DNS, etc.

Well, I finally figured it out after more research. Some posts made reference to firewalls block ICMP's. Since this only effected VM hosts, I really didn't think that was the case. But I decided to disable it anyway and everything started working right away. This is Symantecs hosted endpoint cloud product, and I'm already that we just purchased, and I'm already growing weary of it. At the time of review and purchase they did not inform me, nor did I see it in documentation, that it disables the Windows firewall and uses their own and won't let you do it any other way. Finally found that out when I called to ask about it. The other weird thing with the product was that it wouldn't allow connections to the internet either. So I guess the problem was DNS, but the root cause was actually Symantec, but I'll save the rest for another forum. Looks like we were both right FZB.