Windows 7 incorrectly reports "No Internet Access"
PROBLEM DESCRIPTION
Windows 7 may sometimes report that it has "No Internet Access"; this is visible via the System Tray icon showing a yellow exclamation mark, and also if you go into the Network and Sharing Center. I had this problem recently on my work laptop and spent some time researching possible causes.
DISCUSSION / ANALYSIS
After searching via Google, I learned that one common cause was the Bonjour service and that the recommended fix was to delay its starting (setting the startup type on the service to "Automatic (Delayed Start"). Unfortunately for me, I didn't have this service installed.
Eventually I focused on the Microsoft Network Location Awareness (NLA) service provider, which is the component that controls how the computer handles multiple network connections, such as multiple network interface cards (NIC) connected to different networks, or a physical network connection and a dial-up connection.
I also learned that at system startup (and every time you change NIC settings?) a little-known sub-system of Windows kicks into action. Its called Microsoft NCSI and the Network Location Awareness service tries to access the following URL: www.msftncsi.com/ncsi.txt
That URL returns a simple text string: Microsoft NCSI
This is how Windows 7 (and Vista?) determines whether it is connected to the Internet or not ... if it gets the string, its connected; if it doesn't, it assumes it is not connected to the Internet.
Since I knew that I was connected to the Internet, why was the URL not working and causing the service to reach a false conclusion?
I eventually made the connection that I had recently put a new Fortigate-200B into production and had integrated it with our ActiveDirectory database. All outbound web traffic (HTTP/80) was being processed by an Identity-Based policy which required (transparent) user validation against ActiveDirectory before approving the request ... and if the Network Location Awareness service started up and tried to reach that URL before a user logged on to the computer, it would fail the identity-based policy user authentication challenge/response and then conclude that it was not connected to the Internet.
SOLUTION
I changed the startup settings for the Network Location Awareness service from "Automatic" to "Automatic (Delayed Start)" but this only partially corrected the problem. Eventually I wrote the following batch file and set it to run in my Startup folder:
echo off echo. echo Restart "Network Location Awareness" service echo. net stop "Network List Service" ping localhost -n 5 > nul net stop "Network Location Awareness" ping localhost -n 5 > nul net start "Network Location Awareness" ping localhost -n 5 > nul net start "Network List Service" exit
Copyright © 2011 Stephen Frost
