Post AWi3yscdR5Z6pADMv2 by lucas@fitt.au
(DIR) More posts by lucas@fitt.au
(DIR) Post #AWi3yscdR5Z6pADMv2 by lucas@fitt.au
2023-06-15T07:02:42Z
0 likes, 0 repeats
Today in #TechSupport: Students started arriving with no WiFi. Specifically, no DNS. Pings worked.`netsh int ip reset` does not work. `netsh winsock reset` does not worka full system re-image does not work.Ethernet works. Other access points work, even different SSIDs on the same infra work.Swapping WiFi cards between two identical machines with the same issue works. I am genuinely out of ideas, theories and animals to sacrifice.I've just been swapping WiFi cards and moving on.
(DIR) Post #AWi3ytN4eQiD9BwSIq by AIaYYAle4i1uKmKpqy.gme@bofh.social
2023-06-15T08:21:53.454017Z
0 likes, 0 repeats
@lucas couple things come to mind...Network/port access control? Are the MAC addresses for the Wi-Fi cards being blocked?Is the MAC addresses are being blocked by some kind of network security device or infrastructure then they can't issue a DHCP request to get an IP and other network configuration.Is 802.1x present on the network?Do the Wi-Fi cards have the correct certificates?Is authentication and access control for 802.1x set up correctly?Is the PKI healthy that's issuing those certificates for 802.1x?
(DIR) Post #AWi75raBzy0NUS5rlo by lucas@fitt.au
2023-06-15T08:28:42Z
0 likes, 0 repeats
@gme DHCP is fine, lease arrives and is correct, renew works, and pings to and from the hosts work. it's just DNS stops responding for that SSID on that card in that laptopThere are a few hundred laptops that don't have this issue running on the network at any one time. What really bakes my noodle: if I have two machines with the issue and do nothing but swap the wifi cards between machines, everything works again. If i swap the cards back to their original machines, they break. 🤯
(DIR) Post #AWi75sFfVlBLZ5UzQ0 by AIaYYAle4i1uKmKpqy.gme@bofh.social
2023-06-15T08:56:46.246233Z
0 likes, 0 repeats
@lucas I'm assuming you use something like WSUS or SCCM to keep the laptops patched and updated so both laptops have the same inventory of KBs installed?Otherwise might be worth checking the WLAN driver Or updating the driver.Can you install Wireshark on the laptop that's not working and look to see what's going on with the packets egressing the device?Would show you if the DNS packets are just getting dropped or if they're getting RST. If they're getting RST then someone installed a firewall somewhere. 😎
(DIR) Post #AWiByEqM8D4d5OpzCS by lucas@fitt.au
2023-06-15T09:49:20Z
0 likes, 0 repeats
@gme yes to sccm, and my co-worker always updates drivers when they see a machine needs it anyway (one of the many reasons i love them)i've also checked for random VPN software (students think it'll 'fix' their restricted browsing 'problem' - it never does)wireshark is a good idea, i'll have a look at that in the morning!basically all i've got is "it is not working because it does not work" at the moment 😑
(DIR) Post #AWiByFhAxpKBjDYAWu by AIaYYAle4i1uKmKpqy.gme@bofh.social
2023-06-15T09:51:24.791940Z
0 likes, 0 repeats
@lucas Yeah. I worked for a large electric utility and we had so many segmented networks between offices, data centers, plants, etc. Some equipment was IT, some was OT, etc. Wireshark was the first thing anyone installed whenever there was the slightest problem. It cut down on the diagnostic time tremendously.“Ah! The packets are getting dropped on the 172 subnet! GRIFFIN! Did you make a firewall change?!” 😂