Sudden loss of connectivity in our SBS 2011 domain network
I scanned through that really long troubleshooting session, and it looks like the problem was the antivirus on the server playing with firewall settings?
If that's the case, your permanent solution was alluded to in your troubleshooting session. Don't install that Symantec AV on the server, or at least don't use anything that inserts a third-party firewall. Use the built-in firewall that is managed by Windows and group policy.
Related videos on Youtube
09 : 21
02 : 44
13 : 44
02 : 44
02 : 26
Swaminathan Shanmugam
Updated on September 18, 2022Comments
-
Swaminathan Shanmugam almost 2 years
In our company we are having one windows sbs 2011 domain controller and around 50 pcs with Windows XP professional sp3 and some laptops with Windows 7 professional SP2; Antivirus is Symantec Endpoint Protection loaded in separate pc made server and all are configured; working perfectly until today afternoon.
All of a sudden lot of calls started coming to IT ROOM complaining about the lost of connection between dc and the clients. We checked the pc's in our IT ROOM for myself and colleague starting to troubleshoot from our pc's since we also lost the connectivity.
ping not working from any pc to DC
ping not working with default gateway from the pc's lost connection
layer 2 connectivity is ensured OK by connecting my pc through live bootcd and ping works with dc, gateway; I opted for live boot cd since I rebooted my pc and the dc couple of times; no effect
default gateway which is our ADSL ROUTER LAN IP is pinging from the DC and internet is working
DC's antivirus, Symantec Endpoint Protection, is stand alone not in sync with the Symantec server. Also a client pc which is loaded with kaspersky antivirus also having the same problem. So the Symantec Endpoint Protection server possibility can be isolated.
Restarted the DC and chose last known good configuration; same symptom
found one windows server 2003 loaded as a member server in the domain still working; pinging with the DC; able to access the folders in DC ; afraid to restart and check since on a Windows XP machine lost connectivity after restarting
N.B: all the clients are getting IP from dhcp in DC
When pinging request timed out is the result and the gpresult of the client pc's give generic failure
The current problem is temporarily solved !!!
I need a permanent solution.
The full details are at http://social.technet.microsoft.com/For ... e3d9354ac5 where I posted this issue first
-
user1364702 over 12 yearsYour link is broken. I'm not sure what exactly you're saying the cause/temporary fix was?
-
Swaminathan Shanmugam over 12 yearsNow I edited my link Please have a look!
-
Rob Moir over 12 yearsDisagreeing with Susan Bradley about how SBS server works is a lot like disagreeing with Shakespeare about what the author of "Romeo and Juliet" was thinking when he wrote the balcony scene, by the way. -
user1364702 over 12 yearsThere's a running troubleshoot at the link, but really the issue should have been summarized with your discovery of a workaround here, not a pointer to the offsite link (or the link as a reference, not the canonical detail of the issue)
-
Swaminathan Shanmugam over 12 yearsHi Bart Silverstrim I agree with you and I also suspect something has caused from symantec antivirus only Now my question is that symantec antivirus was working without any problems in that server for the past 5 1/2 months ; how all of a sudden it would have caused this issue?\
-
Swaminathan Shanmugam over 12 yearsHi Chris Then how was the same symantec endpoint protection was working without any problems for the past 5 1/2 months ? Myself only handling the server; no policies or settings changed in the server
-
Swaminathan Shanmugam over 12 yearsHi As the current network is brought to normal after the resetting of IP & WINSOCK , is it safe to re-enable the disabled policies? Thanks
-
Philip over 12 yearsI still don't know what is actually wrong, and it sounds like you don't either... So I don't know if it's safe to reenable the policies or not, we don't know what they broke in the first place. -
Swaminathan Shanmugam over 12 yearsActually I have elaborated my issue in the link at social.technet.microsoft.com/Forums/en-US/smallbusinessserver/… And my question is what do the disabled policies have effect on the client ? After doing the reset of ip & winsock in client and having the mentioned policies enabled in the dc , the problem was not solved.Only the combination of resetting IP & WINSOCK with mentioned policies disabled, only then the network connectivity established .....Any ideas?
-
Philip over 12 yearsYep, read all that, still don't know what the problem is. Have you looked at the RSOP for the Policies?
-
Swaminathan Shanmugam over 12 yearsWhen I faced that problem, I ran gpresult in the affected client pc ; I got the result of some texts noting about the applied policies, in the end of the text I got something " general failure" .I am waiting for re-enabling the disabled policies and test during the off production hours and will update all
-
Swaminathan Shanmugam over 12 yearsHi As the issue is temporarily solved by disabling some policies in SBS 2011, I need to know the facts on the effect of this policies on this network issue I suspect something from firewall component of Symantec Endpoint protection has changed the settings in the firewall of SBS 2011 Please help me to get the facts and solve the issue permanently And another question is two 2003 servers were not affected by this issue but all the windows xp, vista & windows 7 clients all got affected
-
user1364702 over 12 yearsCould a component have been updated or auto-updated? Check your version numbers. It's pretty obvious that something in that AV is causing the problem; is it worth your time to continue tracking the component, or just scrapping that AV and using another solution on the servers?
