Laptop Blocked from just Internet via Wifi or LAN

CMTech1
Getting noticed

Laptop Blocked from just Internet via Wifi or LAN

Hi Think Tank!

 

So the short of the long is this and we're a bit befuddled here.

 

We have a full stack network so MX100 and a few MS225's so you know, but this isn't just this one site as now another site had same issue with laptop not connecting.

 

Anyway, we had three laptops over the past four months that all the sudden are unable to access the internet. All three laptops are different models though all HP's (ProBook & EliteBook) with Win10 two with 1909 and one was 1803. We ran multiple malware and proxy scans from our Anti-Virus and Malware solution provider as well as other vendors with no issues. No same MS Updates are on all three, however we did roll back two updates that were within the week prior to the issue happening on two of them with no luck.

 

We reviewed everything we could within Meraki dashboard and finally called Meraki support. Funny thing is they were puzzled too after working with one laptop for a couple hours trying to figure out the issue while reviewing packet and live connection. If I take the laptop and connect to our backup network or used remotely outside the offices they work fine so we know it's not the laptops. I would think something blocking the MAC, but Meraki Support had no clue even when we moved the one laptop to our DevOps network and it worked fine. Again, nothing was changed as far as Meraki settings at either of these locations where it occurred and with Meraki not sure........well here I am asking the think tank!

6 Replies 6
PhilipDAth
Kind of a big deal
Kind of a big deal

Is this a wired notebook plugged into a MX?

 

In the dashboard, when you click on the client, does it show any firewall policies active?

 

Does the machine get an IP address via DHCP, and if so, does that work ok?  What is doing DHCP?

 

Is the machine able to resolve DNS entries using nslookup?

ww
Kind of a big deal
Kind of a big deal

If the device support changing the mac address at network adapter > advanced setting.  you can change it to see if the macc-addr is a problem

CMTech1
Getting noticed

@ww

 

I guess I could try a third MAC, however WiFi and LAN experience the same issue though can try possibly a USB Wireless or MAC spoofing as you mention.

PhilipDAth
Kind of a big deal
Kind of a big deal

Slim chance, but I have seen MTU issues cause this problem.

 

Lets try dropping the MU on a test machine.  From a command prompt go:

netsh interface ipv4 show subinterface
Choose the correct interface and (change interface name to match the interface you are using):
netsh interface ipv4 set subinterfaceLocal Area Connection 2mtu=1300 store=persistent

Does web browsing work now?

 

If you do a packet capture on Meraki, do you see the request from the client, do you see the reply from the server?

CMTech1
Getting noticed

Hi All,

 

I found the cause, but not the root cause/reason and have to contact our A/V-Malware security vendor.

 

Even though this laptop has the same security policy as others something was causing this particular laptop, and likely the other two we had, block all internet traffic. A thorough review of this particular laptop event logs and the security system (A/V-Malware) log files didn't show anything wrong on this device, nor do we have any definitive answers at this time. We have hundreds of other systems using the same exact security policy, same Win10 version and same updates applied so very strange.

 

Hopefully the vendor can shed some light on this, but for now thanks to everyone that responded!

CMTech1
Getting noticed

@PhilipDAth,

 

Yes, the laptop can be plugged into the LAN and/or WiFi and still doesn't work

 

No policies are set against this device as validated during diag session with Meraki.

 

Get's DHCP from local DC. No reservations and/or MAC deny filters shown.

 

Yes, DNS works fine. Can even ping google.com, msn.com or whatever though when you launch the browsers either Chrome, IE or Edge they just don't load webpages.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels