Is it Routing or DNS issue?

[lonetree]

Hi all,

I recently face a problem on windows 7 unable to access many sites in my office network.

The whole story goes like this.

As my company is a regional subsidiary, we have a cisco router that route back to the main office for applications and emails. The local LAN has a fortigate 60 that has an ip address of 172.16.0.13 while the cisco router has an ip address of 172.16.0.1. We have a Win2K server (172.16.0.12) as the DHCP server which has 4 entries of DNS and 2 entries of gateway(172.16.0.1 & 172.16.0.13). the 4 entries of DNS being 210.80.58.205 and 210.80.58.210. 172.16.10.201 and 172.16.0.202 are the DNS for network application.

The Problem :
Everything has been working fine for all the Windows XP machine, they are able to surf the net, check mails from exchange server and access application. However, for the Windows 7 machines, I have no luck at all. surfing of sites are most of the time time-out or not accessible at all (ping to the webserver is successful though). However, checking of emails from exchange server and accessing application on main office server has got no problem. I did a ipconfig /all and it shows identical from the Windows XP ones.

Next, I tried with a static ip setting on Windows 7, with gateway pointing to 172.16.0.13(fortigate) and DNS pointing to 210.80.58.205 & 210 yield great success on surfing websites, BUT, accessing exchange server and running application is unsuccessful. As you can see, I get one I don't get the other.

I hope someone can help me out on this and point to me what and where went wrong, like I said, Win XP machines has not problem at all. What kind of issue is this? Routing or DNS?

Thanks in advance

regards,

Lonetree

 

[chev65]

Ok, so you found out that adding a static DNS from your server works on the Win 7 machines to get it past the DNS problem.

Have you tried going into the advanced TCP/ip properties on the Win7 machine then listing the DNS servers, static IP's, subnets, gateways, this might allow you to switch between the two modes "static DNS" or server assigned more easily.

 

[lonetree]

Hi Chv65,

thanks for your swift reply. I did try to add additional DNS entries in the advance option, but it still doesn't work smoothly. Sometimes it does load and most of the time it doesn't. Also, as most of the host computer are notebook, I am afraid that these additional DNS entries might cause further complication when they bring out of the office environment. Which in turn becomes my problem again.

In your opinion, what do you think might be causing the issue here?

Thanks

Best Regards,

lonetree

 

[chev65]

Hi Chv65,

thanks for your swift reply. I did try to add additional DNS entries in the advance option, but it still doesn't work smoothly. Sometimes it does load and most of the time it doesn't. Also, as most of the host computer are notebook, I am afraid that these additional DNS entries might cause further complication when they bring out of the office environment. Which in turn becomes my problem again.

In your opinion, what do you think might be causing the issue here?

Thanks

Best Regards,

lonetree

As far as accessing the exchange server, have you tried adjusting the Lan manager authentication level, set to send LM and NTLM responces only on the Win7 machine?

Control Panel - Administrative Tools - Local Security Policy

Local Policies - Security Options



Network security: LAN Manager authentication level
Send LM & NTLM responses

Minimum session security for NTLM SSP
Disable Require 128-bit encryption


Also the TCP/ip window is made for connecting to more than one subnet so I don't think the settings there will hurt anything. It just makes it easier to move from one network to the next.