A systems administrator has deployed a new web server, WEB-SRV01, with the static IP address 10.1.10.50/24. From the server's command line, the administrator can successfully ping the default gateway at 10.1.10.1. However, multiple workstations on the same 10.1.10.0/24 subnet are unable to access the web server's default webpage. Furthermore, ping requests from these workstations to 10.1.10.50 time out. The administrator has verified the server's NIC has an active link light and the physical cabling is secure. Which of the following is the MOST likely cause of this issue?
The default gateway is misconfigured on WEB-SRV01.
The DNS server used by the workstations is offline.
A host-based firewall on WEB-SRV01 is blocking incoming traffic.
The server's network switch port is assigned to an incorrect VLAN.
The correct answer is that a host-based firewall on WEB-SRV01 is blocking incoming traffic. The key evidence is that outbound connectivity from the server works (it can ping the gateway), but inbound connections are failing (workstations cannot ping the server or access its web service). Host-based firewalls are commonly configured to allow outbound traffic by default while blocking most unsolicited inbound traffic, including ICMP Echo Requests (ping) and TCP port 80/443 (HTTP/HTTPS), until specific rules are created to allow them.
A misconfigured default gateway would typically prevent the server from communicating with devices outside its own subnet, but it should not prevent communication with devices on the same subnet, and it would likely cause the ping from the server to the gateway to fail. A DNS server failure is irrelevant because the connectivity tests are using IP addresses, which do not require DNS resolution. An incorrect VLAN assignment is less likely because the server can successfully communicate with its gateway on the same subnet, which would be unusual if it were on the wrong VLAN without more complex network configurations in place.