3.0 Networking

3.1 Troubleshoot client-side connectivity issues using appropriate tools

How to troubleshoot TCP/IP connectivity with Windows XP

  • TCP/IP settings

    The TCP/IP suite is a collection of internet protocols developed by the Department of Defense. Designed to permit communication among a variety of independent, multivendor systems, support is provided for a wide variety of protocols and services, including TCP, IP, UDP, ARP, and others, on many different types of media. TCP/IP is routable across more than one local area network (LAN). Named for it's two primary protocols, Transmission Control Protocol (TCP) and Internet Protocol (IP), TCP/IP provides end-to-end connectivity specifying how data should be formatted, addressed, transmitted, routed and received at the destination.

    • Gateway

      A gateway is described as "a router on a TCP/IP network that serves as an access point to another network". A large network may contain multiple gateways depending on the structure of the network. Home networks will typically use one gateway. This will be the device that connects their home devices to the Internet.

      More from Wikipedia

    • Subnet mask

      A Subnet mask is a 32-bit number that masks an IP address, and divides the IP address into network address and host address.

      More on Subnet Masks

    • DNS

      The Domain Name System (DNS) is a hierarchical naming system for computers, services, or any resource connected to the Internet or a private network. Internet and TCP utilities such as telnet, FTP, and SMTP use DNS to translate computer host and domain names to their corresponding IP addresses. DNS allows you to type recognizable names into your Web browser and your computer will automatically find that address on the Internet. Address information is stored in several locations in a hierarchical structure.

    • DHCP (dynamic vs.static)

      The Dynamic Host Configuration Protocol (DHCP) is a network configuration protocol that enables a server on an IP network to automatically assign an IP address to a computer from a predetermined range of numbers. The most essential information needed is an IP address, and a default route and routing prefix. DHCP controls the assignment of unique dynamic IP addresses and routing information, eliminating the manual task by a network administrator.

    • NAT (private and public)

      NAT (Network Address Translation) is the translation of one network's IP address information to that of another. NAT permits the use of internal subnet address for routing internal traffic, then translates these addresses to external addresses for transit across a routing device.

  • Characteristics of TCP/IP

    • Loopback addresses

    • Automatic IP addressing

  • Mail protocol settings

    Incoming and Outgoing Mail Server Settings

    • SMTP

      Simple Mail Transfer Protocol (SMTP) is a reliable and efficient mail transport and delivery protocol that is capable of transporting outgoing email across multiple networks. SMTP requires a reliable data stream channel for transmission.

    • IMAP

      Internet message access protocol (IMAP) is one of the two most prevalent Internet standard protocols for e-mail retrieval, the other being the Post Office Protocol (POP). Virtually all modern e-mail clients and mail servers support both protocols as a means of transferring e-mail messages from a server. IMAP is a client/server protocol in which e-mail is received and held by your Internet server and downloaded from the server by request. Imap permits the manipulation of remote mailboxes as though they were local, and works well with slower modem connections.

    • POP

      Post Office Protocol (POP3) is a simple, standardized application-layer protocol used for retrieving incoming email from a remote mail server over a TCP/IP connection and saving to a local device. A POP3 server listens on well-known port TCP/110.

  • FTP settings

    File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host to another host over a TCP-based network, such as the Internet. FTP is built on a client-server architecture and uses separate control and data connections between the client and server. Authentication is accomplished through the use of a clear-text sign-in protocol and is not considered to be secure.

    • Ports

      File Transfer Protocol first establishes, then maintains a control connection throughout the session over TCP port 21. Then a second connection is opened over TCP port 20 for data transfer.

    • IP addresses

    • Exceptions

    • Programs

  • Proxy settings

    Browsers can be configured to use a proxy server to connect to the Internet. A proxy server acts as a security barrier between your internal network and the Internet, keeping others on the Internet from being able to obtain access to information that is located on your internal network.

    Proxy servers can be used with any application that supports the use of proxies (e.g. web browsers). A proxy server listens for a request from the web browser and forwards it to the website. In turn, the website's response is received by the proxy server, then forwarded to the web browser. Proxies may be used to filter web content, screen uploads and downloads, or provide anonymity on the Internet.

    What Is a Proxy

    Proxy settings can be checked by first opening the Control Panel and selecting Internet Options. Next, open the Connections tab, and select Lan Settings. Configuration information about your proxy server may have to be provided by your system administrator.

    • Ports

    • IP addresses

    • Exceptions

    • Programs

  • Tools (use and interpret results)

    • PING

      The PING utility tests connectivity between two hosts by sending an ICMP Echo Request to a destination host to verify IP connectivity. Ping can also be used to isolate network hardware problems and incompatible configurations by providing indicators of the general speed or reliability of network connections.

      Command options include:

      • -t : Pings the specified host until stopped
      • -a : Resolves addresses to hostnames
      • -n : Count Number of echo requests to send
      • -l : Adjusts the size of the ping packet
      • -w : Adjusts the time-out (in milliseconds)
      • hostname : Tests connectivity to a particular host


      Traceroute is a utility program very similar to Ping, except that Tracert identifies the network path of test data sent to a remote computer, rather than the time it takes for each packet to return. It will list all the routers it passes through until it reaches its destination, or fails to and is discarded. In addition to this, it will tell you how long each 'hop' from router to router takes.


      Nslookup.exe is a command-line administrative tool for testing and troubleshooting DNS servers. In its most basic usage, NSLookup returns the IP address with the matching host name.


      Netstat (Network Statistics) is a command-line tool that displays network connections (both incoming and outgoing), routing tables, and a number of network interface statistics. It is available on Unix, Unix-like, and Windows NT-based operating systems.

    • Net use

      The NET USE command is a Command Prompt command that's used to connect, disconnect, configure or display information about connections to shared resources, like mapped drives and network printers.

      The NET USE command is one of many NET commands.

      More on NET USE

    • Net /?

      The NET command is used to manage network resources. You can view a list of all available net commands by typing net /? at a command prompt.

      More on NET services

      More on NET services commands

    • Ipconfig

      The IPConfig command line utility is used to display or set TCP/IP configuration settings of network interfaces including the IP address, subnet mask, default gateway, MAC address, and DNS names. It also helps with reconfiguration of your IP address through release and renew.

      To use Ipconfig in Windows 2000 or XP;

      • Begin with Start, and select Run. This opens the "Run Line" dialog frame. Type cmd on the line and press Enter to invoke the Command Prompt utility. At the command prompt, type ipconfig, and press Enter.

      In Windows 7;

      • Begin with Start, type cmd in the Search Bar and press Enter to invoke the Command Prompt utility. At the command prompt, type ipconfig, and press Enter.

      Optional switches for Ipconfig include:

      • /? Displays the Help menu for ipconfig.
      • /all Displays full configuration information.
      • /release Releases the IP address for the specified adapter.
      • /renew Renews the IP address for the specified adapter.

    • telnet

      Short for Telecommunications network, TELNET is a text base interface that provides an insecure remote access to other computers. Telnet uses a command line interface and can be accessed in Windows from the Start menu by clicking <Start>, <Run>, then by typing: telnet (somesite) 23.

      Port number 23 is the default port used by telnet, but is usually optional and often not required.

      RFC 854 - TELNET Protocol Specification

    • SSH

  • Secure connection protocols

    • SSH

      Secure Shell (SSH) is a cryptographic remote login protocol for secure data communication over an unsecured network. Designed as a replacement for telnet and rlogin, which send information in plaintext, SSH client and server programs provide strong host-to-host and user authentication as well as a number of securely encrypted methods of communication to provide confidentiality and integrity of data. SSH supports data stream compression between the client and the server.

      There are two major versions of the SSH protocol in widespread use, SSH v1 and SSH v2. SSH v2 is more secure, and includes SFTP, which is similar to FTP, but is SSH v2 encrypted.

    • HTTPS

      Hypertext Transfer Protocol Secure (HTTPS) is a combination of Hypertext Transfer Protocol (HTTP) with SSL/TLS protocol. It provides encrypted communication and secure identification of a network web server. HTTPS connections are often used for payment transactions on the World Wide Web and for sensitive transactions in corporate information systems. HTTPS uses port 443 by default.

  • Firewall settings

    Understanding Windows Firewall settings

    • Open and closed ports

    • Program filters