Unable to connect to Windows Server 2008 R2 Standard Edition
Basic Information: My network topology is following: Router is connected to the internet, windows server 2008 is connected to the router, one laptop connected to the router. The dhcp address is assigned by the router and it is also configure for the vpn
connection. The Windows Server 2008 has following roles: active directory, dns , file services , application server, active directory certificate services, terminal services, network policy and access services and web server. The server has 5 client
license. It has four network adapters configured for a single network bridge. The dell server name is poweredge t310.
Issue: The server is not responding to the ping request from the router and the laptop that is connected to the router. The server and laptop are in the same subnet. It is not a firewall issue, I have already applied that solution. I had this server for
past three month approx and everything was working fine till last Friday.
I would appreciate your help in solving this issue.
Thank you,
Shiva
August 21st, 2011 11:33am
Hello,
The Windows Server 2008 has following roles: active directory, dns , file services , application server,
active directory certificate services, terminal services, network policy and access services and web server.
this is not recommended for security and performance reasons.
Issue: The server is not responding to the ping request from the router and the laptop that is connected to the router.
Try to ping using IP addresses. Also, make sure that the router is not blocking ICMP traffic and allow incoming ICMP requests and outgoing ICMP replies on the server. Also, check in IP configuration of this server that you have set the router as the default
gateway.
The server and laptop are in the same subnet. It is not a firewall issue, I have already applied that solution. I
had this server for past three month approx and everything was working fine till last Friday.
Try pinging using IP addresses. If the problem persists, it should be something wrong with your router.
This
posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Microsoft Student
Partner 2010 / 2011
Microsoft Certified Professional
Microsoft Certified Systems Administrator:
Security
Microsoft Certified Systems Engineer:
Security
Microsoft Certified Technology Specialist:
Windows Server 2008 Active Directory, Configuration
Microsoft Certified Technology Specialist:
Windows Server 2008 Network Infrastructure, Configuration
Microsoft Certified Technology Specialist:
Windows Server 2008 Applications Infrastructure, Configuration
Microsoft Certified Technology Specialist:
Windows 7, Configuring
Microsoft Certified IT Professional: Enterprise
Administrator
Free Windows Admin Tool Kit Click here and download it now
August 21st, 2011 11:43am
Thank you for your response, The router is not blocking the icmp traffic and server is already configure for incoming and outgoing icmp replies. I can assure you that the router is not the issue. On the server, I can ping the router, client and external
website address. When the server is rebooting, I am able to ping the server after the server has booted completely, the ping request time out.
Shiva
August 21st, 2011 12:37pm
Hi,
Have you checked the Windows 2008 inbuild firewall Sometimes when you disable firewall from GUI mode it still does not work. You can try the below link for completely disabling firewall. Also check if you have any blockage from Anti-Virus.
shorter command to completely disable the firewall could have been:
netsh firewall set opmode disable
As Zaubi points out you should avoid using this command because it eliminates the firewall as a security measure completely, which is a bad thing. Temporarily disabling the firewall might be useful to troubleshoot network connectivity. The command to enable
the firewall again is:
netsh firewall set opmode enable
Firewall
I recommend taking a look at one of the command lines below. I'll show you some examples of how to open up the firewall.I assume you use the Windows Firewall in the Default profile.
To enable service exceptions
The Windows Firewall in a Server Core installation of Windows Server 2008 comes with a couple of default firewall exceptions. You can enable these exception to allow specific types of traffic through the firewall. For example, to allow File and Printer Sharing
you can run the following command:
netsh firewall set service fileandprint
If at any point you need help with the set service command just type netsh firewall set service which will show you some help. Extra command line switches may allow you to specify another firewall profile
and/or specify a firewall scope (all, subnet or custom)
To open specific ports
If your situation demands you open up specific ports to allow incoming traffic through your firewall you can add specific port openings in your firewall. You can specify whether the traffic is UDP or TCP, which port number you'd like to open and
which name you'd like to give your portopening, like this:
netsh firewall set portopening protocol=TCP | UDP port=PortnumberHere name=AnyNameHere
If at any point you need help with the set service command just type netsh firewall set portopening which will show you some help. Extra command line switches may allow you to specify another firewall
profile and/or specify a firewall scope (all, subnet or custom)
To allow specific programs
Another way to open up the firewall is to allow specific programs to communicate with the outside world. The Windows Firewall will allow any traffic to the executables you specify. Again you can also specify a name for the rule. Use this command to allow
specific programs:
netsh firewall set allowedprogram program=FullPathToExecutable name=AnyNameHere
If at any point you need help with the set service command just type netsh firewall set allowedprogram which will show you some help. Extra command line switches may allow you to specify another firewall
profile and/or specify a firewall scope (all, subnet or custom)
Advanced Firewall
Alternatively you can use the spanking new Advanced Firewall, which enables you to control incoming as well as outgoing traffic, allows you to edit the firewall configuration in offline mode (so you can change the settings, without committing any changes
yet) There's a nice webpage with more information on the Advanced Firewall functionality
here. It shows you how to change settings through the commandline and how to change them using Group Policies.
Free Windows Admin Tool Kit Click here and download it now
August 21st, 2011 1:15pm
Thank you Sukwin for your help, the issue was the antivirus software. As soon as I disable the software I was able to ping the server.Shiva
August 21st, 2011 1:46pm