Saturday, October 17, 2015

Windows Server 2008 machine only responds to PING from some machines

I have a colocated Windows Server 2008 machine that replies to PING from some machines but not others (not most machines). I'm not sure where to start to diagnose what the problem is.



The server is a slightly odd setup: The server itself (S1) is running Hyper-V and ADDS. It has one NIC connected via Hyper-V to a virtual machine (S2) which acts as my Remote Access server. This connects all the other VMs and the physical machine to the external virtual network, i.e. to the internet. This has port forwarding for HTTP and HTTPS to a separate VM running as an application server (S3). The remote access server also allows VPN connections, so I normally connect via VPN and then can Remote Desktop or do filesharing or whatever.




When I ping the server's external IP address from my machine or a colleague's machine (whether connected via VPN or not) I get a response. However, when I ping it from other machines (an Amazon machine, various friends' machines, etc.) it times out.



This was working fine some time back and I don't think I changed anything on the server, then it stopped working. Initially this made me think it was something to do with my colocation provider, but they don't think so. And I guess the most likely explanation is something is messed up on my server. But where to start?



In Windows Firewall on S2 (remote access server) I have "File & Printer Sharing (Echo Request - ICMPv4-In)" enabled. It has an IPv4 address. (I did check if enabling the ICMPv6 rule made any difference, but no.)
I also tried changing the default policy on Windows Firewall to Allow instead of Block. This didn't fix the problem so I changed back.



I think the Computer Browser service used to be what responded to ICMP so I've checked and see that's Disabled on the remote access server (S2). I tried enabling and starting it but it stopped immediately. So now I've set it back to disabled.



The three laptops that PING works from are all machines that we connect to the VPN from. I don't see why that would make a difference though. One laptop is part of the same domain, but the others are just part of a workgroup.




Any suggestions?



Also, what part of which machine should be responding to the PING? Is it the physical server or the VM running remote access?
