ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up

    Scheduled Pinned Locked Moved IT Discussion
    98 Posts 11 Posters 14.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • pchiodoP
      pchiodo @garak0410
      last edited by

      @garak0410

      If you have Windows Firewall disabled, re-enable it, then turn it off, but leave the service running, and see if the problems go away.

      Start with one workstation and the server that appears to be dropping when writing.

      1 Reply Last reply Reply Quote 2
      • pchiodoP
        pchiodo
        last edited by

        Another thing to check for is the Symantec Network Threat Protection driver. You'll find this under Device Manager network connections as Teefer2 or something similar.

        If you find it, it may be difficult to remove, as standard methods tend to fail.

        You might want to look in the registry and delete the 'Config' entry:

        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network

        Then you should be able to remove your network cards and the teefer2 entries from device manager.

        Reboot, and then reconfig the network cards. Make sure you have the latest updated drivers.

        garak0410G 1 Reply Last reply Reply Quote 1
        • garak0410G
          garak0410 @pchiodo
          last edited by

          @pchiodo said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

          Another thing to check for is the Symantec Network Threat Protection driver. You'll find this under Device Manager network connections as Teefer2 or something similar.

          If you find it, it may be difficult to remove, as standard methods tend to fail.

          You might want to look in the registry and delete the 'Config' entry:

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network

          Then you should be able to remove your network cards and the teefer2 entries from device manager.

          Reboot, and then reconfig the network cards. Make sure you have the latest updated drivers.

          IF I am looking in right spot, I only see one Network Adapter...MICROSOFT HYPER-V NETWORK ADAPTER on our file server that I removed Symantec from (but didn't install WebRoot as of yet).

          @pchiodo said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

          @garak0410

          If you have Windows Firewall disabled, re-enable it, then turn it off, but leave the service running, and see if the problems go away.

          Start with one workstation and the server that appears to be dropping when writing.

          On the file server (where the files write to), Windows Firewall is On. Now, if I ping back to a workstation that I know has both "can't ping" and that drafting program lockup, it won't ping...DESTINATION HOST UNREACHABLE. I don't think it is related as another PC that can ping both ways also locked up with the drafting program.

          It's maddening I tell you!

          pchiodoP 1 Reply Last reply Reply Quote 1
          • pchiodoP
            pchiodo @garak0410
            last edited by

            @garak0410

            Hmm. in reading your error message it refers to COM+, but this doesn't seem right. It appears WMI may not have the correct fire wall rules.

            On the Hyper-V server try this:

            netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=yes

            netsh advfirewall firewall set rule group="Remote Event Log Management" new enable=yes

            Pretty sure Symantec mucked up Windows Firewall.

            You might try turning it off for testing and see if the problems go away. Then you'll know specifically if it is firewall related.

            garak0410G 1 Reply Last reply Reply Quote 1
            • garak0410G
              garak0410 @pchiodo
              last edited by garak0410

              @pchiodo said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

              @garak0410

              Hmm. in reading your error message it refers to COM+, but this doesn't seem right. It appears WMI may not have the correct fire wall rules.

              On the Hyper-V server try this:

              netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=yes

              netsh advfirewall firewall set rule group="Remote Event Log Management" new enable=yes

              Pretty sure Symantec mucked up Windows Firewall.

              You might try turning it off for testing and see if the problems go away. Then you'll know specifically if it is firewall related.

              Trying this...

              I did find an old SpiceWorks ticket (thank goodness for documenting) I opened over a year ago when we moved to the Cloud Based Symantec. It was titled New Anti-Virus - DHCP/DNS Issues. But my fault, I didn't document it very well at the solution...at the time, it said I couldn't ping or even connect to C$ on most workstations...my solution read as this:

              "The File/Print sharing option was not allowed in firewall profile. I added it but it still didn't work. It was set to RED and not green."

              That doesn't tell me much...don't know if I changed it on the Symantec End, Windows Firewall end and if that, which server?

              I really do think Symantec mucked up some things...

              Also side note, I have Webroot uninstalled on a suspect machine that will not PING and I actually have all of WebRoot's firewall turned off for all machines...still pinging issues...so guessing it is on the server(s) that I removed Symantec from.

              pchiodoP 1 Reply Last reply Reply Quote 1
              • pchiodoP
                pchiodo @garak0410
                last edited by

                @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                @pchiodo said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                @garak0410

                Hmm. in reading your error message it refers to COM+, but this doesn't seem right. It appears WMI may not have the correct fire wall rules.

                On the Hyper-V server try this:

                netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=yes

                netsh advfirewall firewall set rule group="Remote Event Log Management" new enable=yes

                Pretty sure Symantec mucked up Windows Firewall.

                You might try turning it off for testing and see if the problems go away. Then you'll know specifically if it is firewall related.

                Trying this...

                I did find an old SpiceWorks ticket (thank goodness for documenting) I opened over a year ago when we moved to the Cloud Based Symantec. It was titled New Anti-Virus - DHCP/DNS Issues. But my fault, I didn't document it very well at the solution...at the time, it said I couldn't ping or even connect to C$ on most workstations...my solution read as this:

                "The File/Print sharing option was not allowed in firewall profile. I added it but it still didn't work. It was set to RED and not green."

                That doesn't tell me much...don't know if I changed it on the Symantec End, Windows Firewall end and if that, which server?

                I really do think Symantec mucked up some things...

                Also side note, I have Webroot uninstalled on a suspect machine that will not PING and I actually have all of WebRoot's firewall turned off for all machines...still pinging issues...so guessing it is on the server(s) that I removed Symantec from.

                I was going to mention that it really sounded like a server side issue with the multiple clients failing on the writes. Google search also provided some Symantec removal tools that might be of assistance.

                You might also attempt to restore the firewall to defaults. You can do this through the Windows Firewall config. There should be an option on the left hand side to restore defaults.

                Like I said previously, you can try and just turn off the firewall on the server and see if the problems go away. If so, you know that it has something to do with the firewall.

                garak0410G 1 Reply Last reply Reply Quote 0
                • garak0410G
                  garak0410 @pchiodo
                  last edited by

                  @pchiodo said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                  @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                  @pchiodo said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                  @garak0410

                  Hmm. in reading your error message it refers to COM+, but this doesn't seem right. It appears WMI may not have the correct fire wall rules.

                  On the Hyper-V server try this:

                  netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=yes

                  netsh advfirewall firewall set rule group="Remote Event Log Management" new enable=yes

                  Pretty sure Symantec mucked up Windows Firewall.

                  You might try turning it off for testing and see if the problems go away. Then you'll know specifically if it is firewall related.

                  Trying this...

                  I did find an old SpiceWorks ticket (thank goodness for documenting) I opened over a year ago when we moved to the Cloud Based Symantec. It was titled New Anti-Virus - DHCP/DNS Issues. But my fault, I didn't document it very well at the solution...at the time, it said I couldn't ping or even connect to C$ on most workstations...my solution read as this:

                  "The File/Print sharing option was not allowed in firewall profile. I added it but it still didn't work. It was set to RED and not green."

                  That doesn't tell me much...don't know if I changed it on the Symantec End, Windows Firewall end and if that, which server?

                  I really do think Symantec mucked up some things...

                  Also side note, I have Webroot uninstalled on a suspect machine that will not PING and I actually have all of WebRoot's firewall turned off for all machines...still pinging issues...so guessing it is on the server(s) that I removed Symantec from.

                  I was going to mention that it really sounded like a server side issue with the multiple clients failing on the writes. Google search also provided some Symantec removal tools that might be of assistance.

                  You might also attempt to restore the firewall to defaults. You can do this through the Windows Firewall config. There should be an option on the left hand side to restore defaults.

                  Like I said previously, you can try and just turn off the firewall on the server and see if the problems go away. If so, you know that it has something to do with the firewall.

                  While I don't think it would affect anything during business hours, I'll hold off on turning the firewall off until later...

                  pchiodoP 1 Reply Last reply Reply Quote 1
                  • pchiodoP
                    pchiodo @garak0410
                    last edited by

                    @garak0410

                    Always a good idea 🙂

                    garak0410G 1 Reply Last reply Reply Quote 0
                    • garak0410G
                      garak0410 @pchiodo
                      last edited by

                      @pchiodo said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                      @garak0410

                      Always a good idea 🙂

                      But always tempting to try anyway during business hours...

                      1 Reply Last reply Reply Quote 1
                      • garak0410G
                        garak0410
                        last edited by

                        Turned off Windows Firewall on our Domain Controller which is also our DNS and DHCP server...still difficulty pinging some workstations and remote COMPUTER MANAGEMENT still doesn't work...

                        I think I want to tackle one thing at a time...the pinging issue....I'd say about half the workstations won't ping...even with both Webroot and Windows Firewall turned off on the the DHCP/DNS server.

                        So radical idea...should I install WebRoot on the server(s)? I don't think it will work because WebRoot sells itself in working along side other AV programs and it may not turn off the left over Symantec. Just thinking aloud...

                        1 Reply Last reply Reply Quote 0
                        • DashrenderD
                          Dashrender
                          last edited by

                          I'm confused, are you pinging from the server or from the PCs? Assuming you're pinging from the server, if the PC isn't responding, I don't know how that could be the server at all.

                          garak0410G 1 Reply Last reply Reply Quote 0
                          • garak0410G
                            garak0410 @Dashrender
                            last edited by garak0410

                            @Dashrender said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                            I'm confused, are you pinging from the server or from the PCs? Assuming you're pinging from the server, if the PC isn't responding, I don't know how that could be the server at all.

                            Let me bring the post back on track...sorry it is all over the map but you should see my day to day workload (and the pressure to software develop too).

                            Since removing Symantec Endpoint and Migrating to Webroot, our network hasn't been the same with the biggest issue being that I can't ping a handful of workstations (often TO and FROM the domain controller and file server but also my PC)...Also on these PC's that won't ping, I can no longer see C$ shares...and finally, remote COMPUTER MANAGEMENT will no longer work on ANY PC in the domain.

                            SO let's pick on the PC called Estimating02. From my PC, I cannot ping it. When I ping it, it will show the following (edited for security)

                            Pinging estimating02.domainname.local [10.0.0.xx] with 32 bytes of data:
                            Reply from xx.0.0.xx: Destination host unreachable.
                            Reply from xx.0.0.xx: Destination host unreachable.
                            Reply from xx.0.0.xx: Destination host unreachable.
                            Reply from 0.0.0.xx: Destination host unreachable.
                            Ping statistics for xx.0.0.xx:
                            Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

                            About this ping...when it lists the FQDN and IP, it shows the IP assigned to this PC.
                            On the first reply, it showed MY PC address
                            On the last 3 Replies, it showed our Default Gateway Name.

                            Pinging from the domain controller, it did the same, with it showing the IP of the domain controller first and then the IP of default Gateway the next 3 times.

                            On ESTIMATING02, he can ping the domain controller and my PC just fine.

                            DashrenderD pchiodoP 2 Replies Last reply Reply Quote 0
                            • DashrenderD
                              Dashrender
                              last edited by

                              The showing of your own IP is because your computer is stating the not reachable reply...

                              garak0410G 1 Reply Last reply Reply Quote 0
                              • garak0410G
                                garak0410 @Dashrender
                                last edited by garak0410

                                @Dashrender said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                                The showing of your own IP is because your computer is stating the not reachable reply...

                                Right...just trying to be thorough. 🙂

                                If I do a path ping to estimating02, it stop at our default gateway, which is our internet router (hardware)...if I path ping a PC I know is pinging, it goes right to it...

                                DashrenderD 1 Reply Last reply Reply Quote 0
                                • DashrenderD
                                  Dashrender @garak0410
                                  last edited by

                                  @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                                  @Dashrender said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:
                                  About this ping...when it lists the FQDN and IP, it shows the IP assigned to this PC.
                                  On the first reply, it showed MY PC address
                                  On the last 3 Replies, it showed our Default Gateway Name.

                                  Pinging from the domain controller, it did the same, with it showing the IP of the domain controller first and then the IP of default Gateway the next 3 times.

                                  On ESTIMATING02, he can ping the domain controller and my PC just fine.

                                  These things make me think estimate02 is where the problem is. Likely a firewall issue.

                                  Did your try resetting the network stack?

                                  You could also try completely removing the Nic and the networking protocols. Then reboot and readd.

                                  I really feel the the removal of Symantec is the root of your issue.

                                  There might be a Symantec cleanup program you can run that might fix things.

                                  garak0410G 1 Reply Last reply Reply Quote 0
                                  • DashrenderD
                                    Dashrender @garak0410
                                    last edited by

                                    @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                                    @Dashrender said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                                    The showing of your own IP is because your computer is stating the not reachable reply...

                                    Right...just trying to be thorough. 🙂

                                    If I do a path ping to estimating02, it stop at our default gateway, which is our internet router (hardware)...if I path ping a PC I know is pinging, it goes right to it...

                                    You mean tracert?

                                    1 Reply Last reply Reply Quote 0
                                    • pchiodoP
                                      pchiodo @garak0410
                                      last edited by pchiodo

                                      @garak0410

                                      All right, clearly you have multiple issues. They appear to be all Windows Firewall related:

                                      In the case that you posted, it is clear on the affected system - estimating02 - that inbound requests are being denied. Both from your system and the DC

                                      Additionally, it is not a DNS issue, as this seems to be resolving just fine.

                                      So on estimating02, go turn off any firewalls (just for testing) and try pinging it again. I think you'll find everything works. So then, simply restore the defaults of the Windows Firewall and re-input your exceptions. Then install Webroot.

                                      garak0410G 1 Reply Last reply Reply Quote 1
                                      • garak0410G
                                        garak0410 @Dashrender
                                        last edited by

                                        @Dashrender said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                                        @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                                        @Dashrender said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:
                                        About this ping...when it lists the FQDN and IP, it shows the IP assigned to this PC.
                                        On the first reply, it showed MY PC address
                                        On the last 3 Replies, it showed our Default Gateway Name.

                                        Pinging from the domain controller, it did the same, with it showing the IP of the domain controller first and then the IP of default Gateway the next 3 times.

                                        On ESTIMATING02, he can ping the domain controller and my PC just fine.

                                        These things make me think estimate02 is where the problem is. Likely a firewall issue.

                                        Did your try resetting the network stack?

                                        You could also try completely removing the Nic and the networking protocols. Then reboot and readd.

                                        I really feel the the removal of Symantec is the root of your issue.

                                        There might be a Symantec cleanup program you can run that might fix things.

                                        Well, estimating02 is just the guinea pig...over half of our PC's are having this issue...and poor estimating02 was rebuilt last week and never had Symantec on it...was rebuild and went straight to WebRoot.

                                        pchiodoP DashrenderD 2 Replies Last reply Reply Quote 0
                                        • garak0410G
                                          garak0410 @pchiodo
                                          last edited by

                                          @pchiodo said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                                          @garak0410

                                          All right, clearly you have multiple issues. They appear to be all Windows Firewall related:

                                          In the case that you posted, it is clear on the affected system - estimating02 - that inbound requests are being denied. Both from your system and the DC

                                          Additionally, it is not a DNS issue, as this seems to be resolving just fine.

                                          So on estimating02, go turn off any firewalls (just for testing) and try pinging it again. I think you'll find everything works. So then, simply restore the defaults of the Windows Firewall and re-input your exceptions. Then install Webroot.

                                          I will give this a shot...if resolved, then I'll tackle why our main drafting program crashes when writing to file server. Will report back results.

                                          garak0410G 1 Reply Last reply Reply Quote 0
                                          • pchiodoP
                                            pchiodo @garak0410
                                            last edited by

                                            @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                                            @Dashrender said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                                            @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:

                                            @Dashrender said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up:
                                            About this ping...when it lists the FQDN and IP, it shows the IP assigned to this PC.
                                            On the first reply, it showed MY PC address
                                            On the last 3 Replies, it showed our Default Gateway Name.

                                            Pinging from the domain controller, it did the same, with it showing the IP of the domain controller first and then the IP of default Gateway the next 3 times.

                                            On ESTIMATING02, he can ping the domain controller and my PC just fine.

                                            These things make me think estimate02 is where the problem is. Likely a firewall issue.

                                            Did your try resetting the network stack?

                                            You could also try completely removing the Nic and the networking protocols. Then reboot and readd.

                                            I really feel the the removal of Symantec is the root of your issue.

                                            There might be a Symantec cleanup program you can run that might fix things.

                                            Well, estimating02 is just the guinea pig...over half of our PC's are having this issue...and poor estimating02 was rebuilt last week and never had Symantec on it...was rebuild and went straight to WebRoot.

                                            This is likely still a firewall issue. You may find that you have to do this on all your systems. As a side note. if you have Webroot installed, you do not need Windows Firewall. I have found this to be the cause of many issues.

                                            garak0410G DashrenderD 2 Replies Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 4 / 5
                                            • First post
                                              Last post