Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up
- 
 @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: Running CLEANWIPE on Domain Controller/DNS/DHCP server had no effect...this has to be something with Windows Firewall on that server but I just don't know what it is... have you disabled the firewall on the Server and disabled the firewall in Webroot to remove them from suspicion? 
- 
 @Dashrender said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: The perils of being a SOLO IT Director (and IT guy)...not only is management demanding this be fixed, but for me to develop on a project they want progress on, and troubleshoot why AutoCAD LT 2017 stopped working today for users, and why a VBA Spreadsheet is crashing when it hasn't in the past, and why a few of our IP Camera's went down and why some printers are smudging on PDF's, and why our drafting program still locks up since we migrated to WebRoot. They've even suggested maybe we shout outsource part of my job for a few weeks to get caught up...ego hit! If you were at ML Con you would have heard several people tell you that if you're a one man shop.. using outside resources like that as needed should be expected and used. But I'm with you.. how is it not an ego hit? But there are times when you just need to put your head down and work on a problem, and working on a printer just isn't important enough for you to handle yourself.. so if given the chance to outsource.. dude, take it! The bad thing, you'll spend probably a half a day getting that person up to snuf on your network so they can be sorta effective. Just need to not think that they may want to replace me if I can't solve this... @Dashrender said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: Running CLEANWIPE on Domain Controller/DNS/DHCP server had no effect...this has to be something with Windows Firewall on that server but I just don't know what it is... have you disabled the firewall on the Server and disabled the firewall in Webroot to remove them from suspicion? Yes I have done this...but question...how long should I leave it off to test...I tried for a few hours and it didn't' seem to resolve anything... 
- 
 @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: Just need to not think that they may want to replace me if I can't solve this... No one person is an island of knowledge, not even @scottalanmiller. For them to expect you to be able to answer any and every question without either asking someone else, or looking it up is insane - do you really want to work for those people? have you disabled the firewall on the Server and disabled the firewall in Webroot to remove them from suspicion? Yes I have done this...but question...how long should I leave it off to test...I tried for a few hours and it didn't' seem to resolve anything... damn - so disabling both windows firewall and webroot firewall and you still have the problem. Here's a testing though, spin up a VM with the same OS as your DC and try to connect to that recently rebuilt PC that never had Symantec on it. See what you get. Are you sure you don't have GPOs pushing something out causing this? Do the machines having the problems, are the problems constant and consistent? 
- 
 @Dashrender said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: Just need to not think that they may want to replace me if I can't solve this... No one person is an island of knowledge, not even @scottalanmiller. For them to expect you to be able to answer any and every question without either asking someone else, or looking it up is insane - do you really want to work for those people? have you disabled the firewall on the Server and disabled the firewall in Webroot to remove them from suspicion? Yes I have done this...but question...how long should I leave it off to test...I tried for a few hours and it didn't' seem to resolve anything... damn - so disabling both windows firewall and webroot firewall and you still have the problem. Here's a testing though, spin up a VM with the same OS as your DC and try to connect to that recently rebuilt PC that never had Symantec on it. See what you get. Are you sure you don't have GPOs pushing something out causing this? Do the machines having the problems, are the problems constant and consistent? I'll disable the Windows Firewall on the DC and FIleServer again just to be sure...fairly safe to do during business hours... 
- 
 @Dashrender said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: Just need to not think that they may want to replace me if I can't solve this... No one person is an island of knowledge, not even @scottalanmiller. For them to expect you to be able to answer any and every question without either asking someone else, or looking it up is insane - do you really want to work for those people? have you disabled the firewall on the Server and disabled the firewall in Webroot to remove them from suspicion? Yes I have done this...but question...how long should I leave it off to test...I tried for a few hours and it didn't' seem to resolve anything... Are you sure you don't have GPOs pushing something out causing this? No, I really don't use GPO but I will check it out... 
- 
 I can't explain it as we did try this stuff throughout this thread...but as far as the Workstations not pinging, it was a Windows Firewall Issue...I disabled it (which I KNOW we tried on other workstations when troubleshooting) but tried it last night and it worked...and I know we looked but guess didn't look hard enough but ALL File/Print Sharing Options were disabled...ALL of them...so I'm leaving Windows Firewall On but enabling the domain rules for File/Print Sharing...I swear I checked this. I guess I don't know who or what to blame for these settings being turned off, but guessing it was Symantec Endpoint on the uninstall. So, I will go around and fix the affected workstations and hopefully close this off my list. One thing I can't do on ANY PC right now, even those that could ping, is remote COMPUTER MANAGEMENT...hasn't worked since the Endpoint Migration. Is there a specific setting in Windows Firewall to turn that back on or could that be something on the domain controller, since the "pinging PC's" couldn't even do this... 
- 
 Check your Windows Firewall settings and ensure that Windows Remote Management is checked... (screenshot is from a non-domain joined machine)  
- 
 @dafyre said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: Check your Windows Firewall settings and ensure that Windows Remote Management is checked... (screenshot is from a non-domain joined machine)  Tried that...still get this and then it says it cannot be connected... 
  
- 
 @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: @dafyre said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: Check your Windows Firewall settings and ensure that Windows Remote Management is checked... (screenshot is from a non-domain joined machine)  Tried that...still get this and then it says it cannot be connected... 
  Check the WinRM service is started? 
- 
 @dafyre said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: @dafyre said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: Check your Windows Firewall settings and ensure that Windows Remote Management is checked... (screenshot is from a non-domain joined machine)  Tried that...still get this and then it says it cannot be connected... 
  Check the WinRM service is started? It was stopped and on manual...started it and set to automatic...rebooted...still can't access it on this one PC...will test on another PC where I know the user is out today. So really, what could have caused all these Windows Firewall settings and remote services to be so messed up? I'm guessing it was the "Scorched Earth" of Symantec removal but weird it was hit and miss... 
- 
 @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: @dafyre said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: @dafyre said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: Check your Windows Firewall settings and ensure that Windows Remote Management is checked... (screenshot is from a non-domain joined machine)  Tried that...still get this and then it says it cannot be connected... 
  Check the WinRM service is started? It was stopped and on manual...started it and set to automatic...rebooted...still can't access it on this one PC...will test on another PC where I know the user is out today. So really, what could have caused all these Windows Firewall settings and remote services to be so messed up? I'm guessing it was the "Scorched Earth" of Symantec removal but weird it was hit and miss... Symantec's removal process has always been painful, and has always done odd things like this, based on what patches were installed when Symantec was installed. 
- 
 @DustinB3403 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: @dafyre said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: @dafyre said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: Check your Windows Firewall settings and ensure that Windows Remote Management is checked... (screenshot is from a non-domain joined machine)  Tried that...still get this and then it says it cannot be connected... 
  Check the WinRM service is started? It was stopped and on manual...started it and set to automatic...rebooted...still can't access it on this one PC...will test on another PC where I know the user is out today. So really, what could have caused all these Windows Firewall settings and remote services to be so messed up? I'm guessing it was the "Scorched Earth" of Symantec removal but weird it was hit and miss... Symantec's removal process has always been painful, and has always done odd things like this, based on what patches were installed when Symantec was installed. This may be for another post, but once this is done, then I need to find out why our drafting program, that writes heavily to network shares, just randomly locks up during the heavy writing. Exiting and going back in will fix it but it returns later...no logs generated, wireshark doesn't report anything...wondering if there is a firewall setting on file server I need to check... 
- 
 @garak0410 I would find it odd that a firewall rule would only cause issues during heavy usage. I would lean towards a NIC issue as being the culprit. 
- 
 I agree probably a NIC issue. I'd do a TCP stack reset. Of course that will knock it offline, so after-hours. 
- 
 Nice find on the firewall being the main cause. Sometimes a reboot is required before settings really take effect. What network do the machines think they are in? Public/work/private? It needs to match the firewall rule you enabled. You should deploy the firewall settings you want via GPO to ensure they don't randomly change... or if they do, they change back on the next GPO update. 
- 
 @Dashrender said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: I agree probably a NIC issue. I'd do a TCP stack reset. Of course that will knock it offline, so after-hours. NIC on the virtual host since the file server is on a VM? Not everyone is locking up...but tends to be the same 4-5 people...can't imagine that many NIC's causing it and I've yet to duplicate it on my machine, WHEN I have the time... 
- 
 @garak0410 said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: @Dashrender said in Most Workstations Don't Ping But Are Connected - Some Network Apps Are Locking Up: I agree probably a NIC issue. I'd do a TCP stack reset. Of course that will knock it offline, so after-hours. NIC on the virtual host since the file server is on a VM? Not everyone is locking up...but tends to be the same 4-5 people...can't imagine that many NIC's causing it and I've yet to duplicate it on my machine, WHEN I have the time... Yes, on the VM, not the host. 



