When end users take their laptops offsite and the laptops are domain
workstations they can no longer access the internet. This happens to
all of our laptop computers and has started in the last six months or
so. Here are the symptoms:

- User can connect to the foreign network and pull the proper dns and ip
address entries.
- User can ping internal resources and public ip addresses
- User cannot browse to any web pages
- User cannot ping www.microsoft.com or any other domain name
- This issue happens with either wireless or ethernet connections (we
don't use dial-up)

We have checked to make sure that the networking settings are set up
properly and that the internal domain dns servers are not hard coded.
IE doesn't use a proxy server. The Windows Firewall doesn't affect this
issue.

Two more items to note: Logging into the laptop as the local
administrator (instead of domain admin or domain user) produces the same
issue. We use roaming profiles on our network and have noticed that
this happens with users who roam and with users who do not roam.

The only way we have resolved this issue is to remove the laptop from
the domain altogether. This immediately resolves the issue. I have
been all over the domain controller trying to find a security or policy
setting that could be preventing the users from connecting. I believe
it was a security update about six months ago that caused this but
cannot confirm it.

If anyone has any ideas as to how to resolve this issue I would be most
appreciated. Thanks in advance!