Q: We see many incomplete status under Application in our Paloalto Firewall. Is this application issue or Firewall issue?
A: Based on our experience, this is Application issue. It could be the user enter incorrect credentials. Or firewall blocks the connection, for example firewall may opens a port 21 for FTP, but FTP passive mode uses port rang from 1024 to 65535.
Situation: The client has two remote servers for users to access. Internal users don’t have a problem to access the RD servers. Sometimes, outside users loss the connection after login.
Troubleshooting: 1. From Paloalto firewall Monitor, we do see some RDP connections are imcomplete.
2. We find the client has 3 Internet providers: AT&T, Comcast and WiFi. The WiFi is very slow and it was configured as backup. We temporary disable it.
3. We also created a Application override policy and put it on top of other policy. Please refer to this post:
How to create Application Override Policy in Paloalto Firewall
Situation: After migrating a computer from windows 2008 R2 to 2010 R2 server, some users can’t map the server by using NetBIOS hostname, for example server1.
Troubleshooting: 1. The server has multiple IP addresses.
2. They can’t ping the NetBIOS hostname.
3. Ping FQDN works.
Resolution: Add server main IP address to hosts and lmhosts under C:\Windows\System32\drivers\etc, for example 10.0.0.2 server1. Run nbtstat -RR or restart the client’s computer.
Situation: The client keeps having a DNS problem. Sometimes, users have a problem to access some LAN resources.
Troubleshooting: We find there is Event error relate to DNS.
Log Name: DNS Server
Event ID: 404
Level: Error
Description:
The DNS server could not bind a Transmission Control Protocol (TCP) socket to address 10.0.0.84. The event data is the error code. An IP address of 0.0.0.0 can indicate a valid “any address” configuration in which all configured IP addresses on the computer are available for use.
Restart the DNS server or reboot the computer.
In checking DNS, we find one DC uses two IP addresses. One of IP address belongs to another DC. In the IPv4 Property>Advanced>IP Settings, we find there are two IP addresses. We assume they want to enter two DCs’ IP addresses but put them in wrong place. Removing another IP address fixes the problem.
Situation: The client keeps having a DNS problem. Sometimes, users have a problem to access some LAN resources.
Troubleshooting: We find there is Event error relate to DNS.
Log Name: DNS Server
Event ID: 407
Level: Error
Description:
The DNS server could not bind a User Datagram Protocol (UDP) socket to 10.0.0.84. The event data is the error code. Restart the DNS server or reboot your computer.
In checking DNS, we find one DC uses two IP addresses. One of IP address belongs to another DC. In the IPv4 Property>Advanced>IP Settings, we find there are two IP addresses. We assume they want to enter two DCs’ IP addresses but put them in wrong place. Removing another IP address fixes the problem.
Situation: The client keeps having a DNS problem. Sometimes, users have a problem to access some LAN resources.
Troubleshooting: We find there is Event error relate to DNS.
Log Name: DNS Server
Event ID: 408
Description:
The DNS server could not open socket for address 10.0.0.84.
Verify that this is a valid IP address for the server computer. If it is NOT valid use the Interfaces dialog under Server Properties in the DNS Manager to remove it from the list of IP interfaces. Then stop and restart the DNS server. (If this was the only IP interface on this machine and the DNS server may not have started as a result of this error. In that case remove the DNS\Parameters\ ListenAddress value in the services section of the registry and restart.)
If this is a valid IP address for this machine, make sure that no other application (e.g. another DNS server) is running that would attempt to use the DNS port.
In checking DNS, we find one DC uses two IP addresses. One of IP address belongs to another DC. In the IPv4 Property>Advanced>IP Settings, we find there are two IP addresses. We assume they want to enter two DCs’ IP addresses but put them in wrong place. Removing another IP address fixes the problem.
Situation: The client has DYMO LabelWrioter 450 Printer. It shows offline.
Troubleshooting: 1. Make sure you have a good connection between the computer and the printer.
2. If the USB plug into USB v3, you may try plug into USB v2.
3. Make sure you have correct printer driver.
4. If there is a windows update, install and restart the computer.
Situation: The client has DVMaz v8.5 with two DYMO Label Printer on two workstations. The Label printer works on local computer. However, DVMax on other other computers can’t print.
Troubleshooting:
Can’t print to label printer on DVMax – Chicagotech
www.chicagotech.net › WordPress › 2019/08/12 › cant-print-to-label-print… 3. Make sue you installed the shared Label printer on client workstation.
4. Make sure you have correct DVMax Label printer settings. Please refer to this post:
Situation: The client use DVMax v8.5. None of DVMax can’t print to DYMO Label printers including the computer direct connecting to the label printer.
Troubleshooting: We follow this post and check all settigns, but can’t fix it:
Google Custom Search Can’t print to label printer on DVMax – Chicagotechwww.chicagotech.netwww.chicagotech.net/…/08/…/cant-print-to-label–printer-on-dvmax/
Later, we find an error message on the DVMax Label printer setup. It says: the label printer is on, but there are over 211 printing jobs in the queue. We close the DVMax on the server and restart it. That fixes some problems. But most computers still don’t work. Finally, we restart the DVMax server. That fixes the problem.
Situation: The client uses Office 365 and has a 32 bit add-ins. They have a problem to install the add-ins in new Dell computers.
Troubleshooting: 1. The Dell computer comes with Office 365 64 but.
2. When they install the Office from Office 365 website, it installed 63 bit automatically.
Uninstall Office 64 bit and re-install Office 32 bit. That should fix the problem.