May 22, 2015   |  Register  |  Login
 
 

Search

Rob Ralston - GIAC GCWN Certified
Microsoft Certified Professional

Hosted Remote Monitoring and Management Solution

Virtualized Infrastructure: Server Consolidation & Containment

Dell Registered Partner

DotNetNuke Sponsor
         2006 - 2010
 
Eliminate Admin Rights. Enforce Principle of Least Privilege! 
 
  You are here :- Tech Blog

This is a purely Technical blog. It is my intent to contribute back to the technical community in several different areas of experience.

SBT Blogs
 

Microsoft NCSI - No Internet Access Message in Windows 7 and Windows Server 2008 R2

Jun 1

Written by:
Tuesday, June 01, 2010  RssIcon

I recently upgraded my Dell Latitude XT2 from Windows Vista SP2 to Windows 7. After doing so, I started to see an alert icon for my network connection, along with a message indicating No Internet Access. The odd thing was that I did have Internet access.

While I was reviewing my ISA Server firewall logs today to troubleshoot a different problem, I noticed an anonymous denied message from my notebook IP to http://64.4.18.90/ncsi.txt from a user agent named “Microsoft NCSI”. As a policy, I only allow anonymous outbound access by exception.

A quick search for ncsi.txt helped me find this TechNet Library information which documents the purpose of this unauthenticated outgoing message related to “Network Connectivity Status Indicator” (NCSI). In a nutshell, Windows 7 and Windows Server 2008 R2 use this as part of a broader feature called Network Awareness.

From the TechNet Library:

Benefits and purposes of the Network Connectivity Status Indicator

Windows® 7 and Windows Server® 2008 R2 include a feature called Network Connectivity Status Indicator (NCSI), which is part of a broader feature called Network Awareness. Network Awareness collects network connectivity information and makes it available through an application programming interface (API) to services and applications on a computer running Windows 7 or Windows Server 2008 R2. With this information, services and applications can filter networks (based on attributes and signatures) and choose the networks that are best suited to their tasks. Network Awareness notifies services and applications about changes in the network environment, thus enabling applications to dynamically update network connections.

Network Awareness collects network connectivity information such as the Domain Name System (DNS) suffix of the computer and the forest name and gateway address of networks that the computer connects to. When called on by Network Awareness, NCSI can add information about the following capabilities for a given network:

  • Connectivity to an intranet
  • Connectivity to the Internet (possibly including the ability to send a DNS query and obtain the correct resolution of a DNS name)

NCSI is designed to be responsive to network conditions, so it examines the connectivity of a network in a variety of ways. For example, NCSI tests connectivity by trying to connect to http://www.msftncsi.com, a simple Web site that exists only to support the functionality of NCSI.

___________________

After modifying ISA Server to allow unauthenticated (anonymous) access to Microsoft’s *.msftncsi.com web sites, my Network icon now properly shows my Internet access status. Another little mystery solved.

Copyright ©2010 SilverBullet Technologies LLC

Tags:
Categories: Servers, Security
Location: Blogs Parent Separator Rob Ralston

4 comment(s) so far...


Gravatar

Re: Microsoft NCSI - No Internet Access Message in Windows 7 and Windows Server 2008 R2

Thanks for the info. I was really curious what it was and will stop blocking it thanks to your sharing your research :)

By murpho on   Sunday, May 01, 2011
Gravatar

Re: Microsoft NCSI - No Internet Access Message in Windows 7 and Windows Server 2008 R2

Glad I was able to help you. Thanks for leaving a comment.

By Rob Ralston on   Monday, May 02, 2011
Gravatar

Re: Microsoft NCSI - No Internet Access Message in Windows 7 and Windows Server 2008 R2

I am looking for a better solution to the same problem. I do have excellent connectivity between my pc and router but no Internet Access. My OS is W7 Home and I am an end-user with acceptable pc knowlege. I had to modify from Auto to Manual on any program that is security related. I went first in to Services to modify then to Autoruns Logon to uncheck all security startups. It now works with the sole drawback that I have to manually connect and provide NW key at IE launching.
If modifying NSCI is a better solution, please show me how to do it.
Thank you.

By haingu on   Monday, May 30, 2011
Gravatar

Re: Microsoft NCSI - No Internet Access Message in Windows 7 and Windows Server 2008 R2

Hello haingu. NCSI is a Microsoft Internet connection detection mechanism, built into W7 and W2K8 R2. I did not modify "NCSI".

What I described was the purpose of NCSI and why it failed in my environment until I modified my FW rules to allow the anonymous outbound access for the NCSI client running on any machine.

What you are descibing sounds like something else altogether and may be related to your wireless router configuration. I suggest you connect directly to the router to see if the problem persists.

In addition, you may have some malware on your system which is disrupting your normal Internet access.

The fact that you have to disable all security related services to get Internet access is not a good sign.

There are several free programs which will do a deep scan of your PC for malware. However, some malware can prove to be very difficult or impossible to remove.

I hope you find your problem.

By Rob Ralston on   Monday, May 30, 2011

Your name:
Gravatar Preview
Your email:
(Optional) Email used only to show Gravatar.
Your website:
Title:
Comment:
Security Code
CAPTCHA image
Enter the code shown above in the box below
Add Comment   Cancel