Windows 7 Network Hates Me...

[DocGreen]

You know that embarassing moment when you can't get your home network to function properly... and you're an IT guy? Yeah... that's happening. I've been fighting with this problem for months, and I'm finally at a complete loss. Here's the Netmap:

Blue link is USB... Green links are Ethernet... Dashed Orange are Wireless... Dashed Purple is a WIFI bridge... Red is COAX.
I'm using a WIFI repeater bridge to increase the range of the WIFI... and it also ended up being a convenient place for the PBX to tap into the network. The laptops hop between the two WIFI routers depending on where we are in the house... though usually they are all connected to the repeater. The problem exists regardless of which WIFI router is being used to connect.


The problem I'm having is basically that Amanda's laptop can't see any other devices on the network... and therefore can't print or access the file server. The printer was originally connected to the server, and I switched it to my PC hoping for a quick fix, but no joy.

All of the computers are a member of "WORKGROUP" (except for the server... but there's a reason for that). None of the computers are using a Homegroup (I ran into problems accessing the server when Homegroup was enabled)... instead all the computers are setup to use usernames/passwords to access shares. Every other computer on the network can connect to and print to the printer just fine, as well as see all other devices. Amanda's computer has Network Discovery turned on, as well as File & Print Sharing. Amanda's laptop CAN access my PC directly by IP address, and from there can connect to the printer and print... but once the computer is restarted, she loses the connection.

Also, I meant to indicate this in the drawing, but all computers are Windows 7 except the Server (Server 2k8 R2) and the PBX (CentOS).

Any ideas here would be great... I've run out of them at this point.

 

[GeeksInKhakis]

In XP, whenever I had an issue like this, I would add netbios to each pc in addition to tcpip and that usually cleared things up.

 

[oldtech]

Didn't mention Windows Firewall Status/settings? If Amanda's is per chance set to "public" or "unidentified" that might explain it. Personally, I would disable all the firewalls on the inward facing stuff until you have it resolved.

 

[onetech4all]

Re:

I didn't see anything about the DHCP settings? Which router gives out IPs? Or do the computers get the IPs from the server? Have you done an ipconfig /all on a working computer and on a none working computer? Are the results the same?

Amanda's laptop CAN access my PC directly by IP address

- so you cannot resolute your computer name to IP from Amanda's computer. Check your DNS settings for Amanda. Check DNS settings on the server.

 

[citizensmith]

Didn't mention Windows Firewall Status/settings? If Amanda's is per chance set to "public" or "unidentified" that might explain it. Personally, I would disable all the firewalls on the inward facing stuff until you have it resolved.

^^^this and would use cat 5 to temp connect amanda to main router. Can't see other devices - does it Ping by ip / name okay?

Most excellent diagram and fault description.

 

[YeOldeStonecat]

Since the computers are in workgroup mode, and not members of Active Directory ....the server doesn't have to run DHCP for the network and provide DNS for the network. However..."why not" have the workstations joined to AD..and ensure that the server is running DHCP and is the only DNS source for the network...and avoid all of these common "peer to peer/workgroup" headaches and time wasters?

Can her computer ping the server by IP and get replies?
Can her computer go start...run \\servername <enter> and bring up the server shares or at least a user/pass challenge?
If the answer is "yes" to these...you have a name resolution issue...dig into DNS, and go into her advanced TCP/IP properties and enable netbios over TCP/IP.

Better yet...get them joined to the active directory and have that server do DHCP 'n DNS for the network.

 

[nlinecomputers]

What devices are providing DCHP, DNS, and WINS for this network? The server? The DD-WRT router connected to the cable modem? If you are connected to that router and not the repeater do the results improve? What about when connected wired?

Why do you have an AD on your server and are not using it to manage your workstations?

 

[SAG]

Awesome diagram Doc, what did you use?

Does "ipconfig /all" show the EXACT same information on her laptop (aside from IPV4 Address) as it does on your netbook and laptop?
If you cable her laptop to the 192.168.1.1 router, does the problem still exist?
Does she have some sort of software firewall (internet security) suite installed?

Oh, and when are you going to install Debian on that netbook?

 

[brandonkick]

Everyone here who has already offered advice knows way more about this then I do, but I just wanted to throw this in.


What antivirus suite does she run? I know we had an issue when I changed over our work systems / network with employees not being able to access quickbooks (served from a central computer which belongs to the owners secretary). The problem wound up being settings in Avast antivirus. Once I disabled avast the employees could get in to quickbooks.

 

[DocGreen]

OK. I'm going to try an answer all of the questions!

Windows Firewall Status: All computers are running Windows Firewall w/ standard settings (no custom rules defined), and the network is set as "private." Disabling the firewall has no effect.

DHCP Settings: Router at 192.168.1.1 is currently set to distribute IP addresses.

DNS Settings: Her laptop has OpenDNS set as static DNS servers (as do my laptops). The router is also set with the same static DNS settings, so any computers with DNS set to "autoconfig" would be getting the same DNS settings.

Computer can ping other devices by IP.
Computer can ping MY PC, but response is given as IPv6 (all other devices return a IPv4 response)
Computer can browse server by going to \\IP-Address, but not \\servername
Computer can browse MY PC by going to \\IP-Address AND \\servername

Why not use Active Directory? I'd only configured the server as a domain controller because I was attempting to run a WDS server on it and that was required, however after hitting a few snags and reading a bit more I'm probably going to install a linux-based PXE server instead.

Connecting wirelessly to the Router (instead of repeater) doesn't resolve the issue.

When am I installing Debian? Amanda actually likes using Ubuntu, so I may actually end up dual-booting it.

What antivirus: Amanda is running Avast! Free, as are the other laptops. I'll double check her Avast settings. FYI, I had that same issue with a customer and disabling just the "Behavior Shield" solved the problem.


Thanks for all the input! I'm off to verify some of the answers I gave and try some of the suggestions!

 

[YeOldeStonecat]

Since Windows 2000 came out, they prefer to use DNS for internal network resolution...not just for navigating "the web".

So if you have workstations using external DNS servers for resolution, they'll be as capable of navigating around your local network as a blind man running a tough mudder obstacle course.

Your router is already set to OpenDNS....it will do DNS forwarding, allow it to pass itself out for internal DNS (192.168.1.1). It keeps a local DNS table of host names, so when clients query it for network browsing, they'll find local hosts much easier.

 

[DocGreen]

So I went through and checked some things... on Amanda's laptop there were 2 outdated entries in the HOSTS file... one for the server and another for MY PC. I removed these entries and now her laptop can see MY PC and browse/print to it.

She still can't see any other devices, other than MY PC she really doesn't need to. None of the computers can see the server due to it being on a domain, and none of the other devices have meaningful shares.

I'm kind of annoyed that the problem has gone away so easily. Something tells me that it's only gone temporarily.

 

[TenYardFight]

Workgroup clients can "see" servers on a domain. Type \\servername in the run prompt.

 

[DocGreen]

Workgroup clients can "see" servers on a domain. Type \\servername in the run prompt.

I was referring to Network Discovery... If you click "Network" under Start Menu to view computers and devices on your network, domain servers won't show because they aren't in the "WORKGROUP."

All the computers can access the server by typing \\servername (or \\ipaddress)

 

[nlinecomputers]

So I went through and checked some things... on Amanda's laptop there were 2 outdated entries in the HOSTS file... one for the server and another for MY PC. I removed these entries and now her laptop can see MY PC and browse/print to it.

She still can't see any other devices, other than MY PC she really doesn't need to. None of the computers can see the server due to it being on a domain, and none of the other devices have meaningful shares.

I'm kind of annoyed that the problem has gone away so easily. Something tells me that it's only gone temporarily.

If you would point your DNS to your router as Stonecat advises then you'd be able to see the entire network. You can't see your network by name because a DNS server for the whole world doesn't have information for your locale network. THAT is why you can't see anything. I doubt ANY workstation on your network can ping any other by a name. If it can it is because you manaually added it via the host file. (you mentioned having an out dated host file.) A properly setup network should not NEED a host file.

 

[DocGreen]

If you would point your DNS to your router as Stonecat advises then you'd be able to see the entire network. You can't see your network by name because a DNS server for the whole world doesn't have information for your locale network. THAT is why you can't see anything. I doubt ANY workstation on your network can ping any other by a name. If it can it is because you manaually added it via the host file. (you mentioned having an out dated host file.) A properly setup network should not NEED a host file.

The laptops have OpenDNS set statically because they're frequently used outside of this network and occasionally come across screwed up WIFI networks with incorrect DNS settings which otherwise wouldn't allow internet access. Like I said... Amanda's Laptop is the only one that can't resolve local host names. The only reason SHE had host file entries is because, like I originally said, I've been messing with this problem for quite a while and adding an entry to the hosts file was one of the things I tried (unsuccessfully).

BTW the hosts file is used for a lot more than just as a band-aid for poorly configured networks... I use it for blocking ads and known bad sites. Combined with OpenDNS's own filters, it's pretty effective.

 

[DocGreen]

...You can't see your network by name because a DNS server for the whole world doesn't have information for your locale network. THAT is why you can't see anything. I doubt ANY workstation on your network can ping any other by a name. If it can it is because you manaually added it via the host file. (you mentioned having an out dated host file.) A properly setup network should not NEED a host file.

Like I said... not a problem on any PC but Amanda's

And no... no hosts file entry for local PC's. Local PC's are all dynamic anyways, except for the server, so any hosts entry would eventually be incorrect. See attachment for current Hosts files.

 

[DocGreen]

Since Windows 2000 came out, they prefer to use DNS for internal network resolution...not just for navigating "the web".

So if you have workstations using external DNS servers for resolution, they'll be as capable of navigating around your local network as a blind man running a tough mudder obstacle course.

Your router is already set to OpenDNS....it will do DNS forwarding, allow it to pass itself out for internal DNS (192.168.1.1). It keeps a local DNS table of host names, so when clients query it for network browsing, they'll find local hosts much easier.

Agreed, and I do this for machines that don't leave the network. It's only for laptops that connect to several different WIFI networks that I use static DNS settings. Still, I could try switching Amanda's to pick up DNS from the router to see if that helps... I just don't understand why my 2 laptops work just fine with this configuration, but her's doesn't.


*EDIT* BTW Stonecat, didn't see your post until after nline referenced it.