> I've recently taken over the IT Support role at two small primary
> schools, one of which has had ongoing issues with internet access over
> the last few weeks. (I only attend the campuses a few days a week so
> troubleshooting this issue along with other issues has been
> painstaking.)
>
> Both schools are part of a VPN; the one with the issue has two subnets,
> both from a Cisco 1700 router. The admin LAN has had no problems;
> however, the school LAN has.
>
> The server is 2003 and is the DC and runs DNS, DHCP and AD. Checks of
> the DNS and DHCP settings appear to be correct as I have the admin LAN
> and the other school to compare with.
>
> Now the issue is that clients on the school LAN have intermittent
> internet access.
>
> - The browsers point to an upstream proxy server, there is no local
> proxy.
> - The server can always appear to access the internet via upstream
> proxy even though it can't ping the gateway.
> - The routing table appears correct and matches the admin side (apart
> from the IP addresses of course).
> - Pingplot over a 6 hour period from a client shows that when the
> gateway (the school side of the router) can be pinged the proxy can't
> be reached and vice versa.
> - There are intermittent periods when the gateway can be pinged and
> not.
> - The server never seems to be able to ping the gateway.
> - Constant pings of the gateway from the server get returned with two
> errors randomly - Time out and Net unreachable.
> - When the router is powered down and back up all works fine for about
> 45 seconds before returning to the up/down state.
>
> Any thoughts?? Faulty router?
>
> Thanks
>
DNS!
VPN complications aside (for now), seemingly intermittent Internet
connectivity (and LAN name resolution) is a classic symptom of a
misconfigured DNS. This can be on the client side or the server side or
both.
Bottom line... all clients should point only to a DC in their TCP/IP
properties (this includes the DNS client of your DC and other servers!).
Specifically, the ISP-provided (or external) DNS should NOT be in the DNS
client's TCP/IP properties. The DC DNS server should be configured to
forward all unknown requests to the ISP-provided DNS server or the upstream
router (which can then do this).
-Frank
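
One way to check the client-side rule from the reply above (DNS clients list only the DC) is to parse `ipconfig /all` output and flag every DNS server that is not a domain controller. This is an added example, not part of the original posts; the sample output, the DC address 10.1.2.10 and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of `ipconfig /all` output from a client (not from the post).
SAMPLE = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : school.example
   DHCP Enabled. . . . . . . . . . . : Yes
   IP Address. . . . . . . . . . . . : 10.1.2.34
   Default Gateway . . . . . . . . . : 10.1.2.1
   DNS Servers . . . . . . . . . . . : 10.1.2.10
                                       203.0.113.53
   Lease Obtained. . . . . . . . . . : Monday, 1 January 2007 9:00:00 AM
"""

# "   Field name . . . . : value" (dot leaders are padding, not part of the name)
FIELD = re.compile(r"^\s+(.+?)[ .]*: (.*)$")

def dns_servers_by_adapter(text):
    """Return {adapter name: [DNS server IPs]} parsed from ipconfig /all text."""
    result, adapter, in_dns = {}, None, False
    for line in text.splitlines():
        # Adapter headers start in column 0 and end with a colon.
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            adapter, in_dns = line.rstrip()[:-1], False
            result[adapter] = []
            continue
        m = FIELD.match(line)
        if m:
            in_dns = m.group(1).startswith("DNS Servers")
            value = m.group(2).strip()
        elif in_dns and line.strip():
            value = line.strip()  # continuation line: one more DNS server
        else:
            continue
        if in_dns and adapter and value:
            result[adapter].append(value)
    return result

def non_dc_dns(text, dc_ips):
    """List (adapter, ip) pairs whose DNS server is not one of the DCs."""
    allowed = {ipaddress.ip_address(ip) for ip in dc_ips}
    return [(a, ip) for a, ips in dns_servers_by_adapter(text).items()
            for ip in ips if ipaddress.ip_address(ip) not in allowed]

if __name__ == "__main__":
    for adapter, ip in non_dc_dns(SAMPLE, ["10.1.2.10"]):
        print(f"{adapter}: DNS server {ip} is not a domain controller")
```

An empty result for every client and for the DC itself means the client side matches the reply's advice; forwarding on the DC's DNS server still has to be checked separately.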