Re: Can Internet Computers see my private address DNS server?

Hi Manny

Thank you for your help. It is greatly appreciated.

UNLESS you specifically open a port into your network or have foolishly
placed one of your systems on the DMZ port.
No, I have not placed any of our computers in the NAT router's DMZ. If I
have opened a port into the network, I don't realize that I have done so. Is
this done at the router or at the firewall or both. We are using the firewall
included with Windows XP Pro / SP-2, and I hope that the default settings
don't do this.

2. To let your DNS server resolve these external names I typically just
remove the root zone (if present) and allow the root hints to do their job.
You could alternately configure the ISP DNS as a forwarder.
I did remove the "root zone", and I did configure the ISP's DNS addresses in
the Forwarder dialog box. Should I add "root hints" to the forwarder box,
too. Or does the DNS system go to "root hints" automatically if the ISP's DNS
servers are down?

You have only one DC. Granted, with only six client machines, that is no
big
deal, but it is still a potential issue if your one DC goes down.
It is my intent, eventually, to turn the client with the Win Server 2003
operating system into a second domain controller. Currently, it is a file and
print server, only.

I would recommend using your 2003 server to perform your DHCP. It is a more
feature rich product.
I shall do so after I successfully complete my current round of projects.

I didn't understand the need for a static IP.
It just came that way. There wasn't any extra cost.

Regards

WPD

***************************
"WPD" <county(please-delete-this)pyrenees@xxxxxxxxx> wrote in message
news:E8CCE9CA-3F14-4DEB-B0F4-4607EE454CC9@xxxxxxxxxxxxxxxx
I am both new to networks, and I am NOT knowledgeable about DNS. Recently,
I
have read much information about DNS, both by Microsoft and by 3rd
parties,
however I have not seen my Subject addressed, anywhere. Of course, at this
point, I am in a constant state of confusion, so the answer could have
slapped me upside the head, and I wouldn't have noticed. Oh, well. I have
tried to make the following information complete without being
overwhelming.
If it doesn't meet these criteria, please accept my apology.

We have a small Client/Server network with private addressing.
(192.168.5.xxx/255.255.255.0). There is 1 Domain Controller [Win Server
2003
/ SP-1] which is also the Domain Name System server for this internal and
private network, and there are 6 clients. 3 of the clients have Win XP Pro
/
SP-2; 2 of the clients have Win 2000 Pro / SP-??; 1 of the clients has Win
Server 2003 / SP-1.

In Network Connections\Local Area Connection\Properties\General
tab\Internet
Protocol(TCP/IP)\Properties\General tab\Preferred DNS server: box , all of
these computers have the Domain Controller / DNS server's address entered.
No
address is entered in the Alternate DNS server: box.

All of the 192.168.5.xxx computers are behind a Linksys NAT router which
also acts, on the LAN side, as the DHCP server. The Domain Controller has
a
fixed address as do the Win 2000 Pro and Win Server 2003 clients. The Win
XP
Pro clients are all served by DHCP. The WAN side of the router has a fixed
address.

In the DNS server dialog box, I have entered my Internet Service
Provider's
DNS server addresses in the Forward box. At this point, I only have a
Forward
Lookup zone.

Finally, the questions: I want my client computers to be able to go to
internet sites such as www.google.com, but I don't want any uninvited
guests
coming back the other way. I sort of understand how the NAT router is a
one-way check valve which only lets in outsiders who are responding to a
request from an internal client. However, will they be able to access,
somehow, my private address DNS server? And, should I add a Reverse Lookup
zone or will that make us vulnerable in some way?

Thank you for your assistance.



.

Relevant Pages

  • Re: Users Cant Access Documents on Server
    ... > then add my computer to the network on the server. ... Did you not see the computers in the Server Management taskpad section? ... The Mac clients can not communicate with the server box. ... >> Error Messages When You Open or Copy Network Files on Windows XP SP1 ...
    (microsoft.public.windows.server.sbs)
  • Re: Users Cant Access Documents on Server
    ... my computer to the network on the server. ... Connection Wizard none of the computers were listed. ... The Mac clients can not communicate with the server box. ... > Error Messages When You Open or Copy Network Files on Windows XP SP1 ...
    (microsoft.public.windows.server.sbs)
  • Re: Network connections gets disconnected
    ... I have tried different brand firewall router also yesterday. ... server IP as the DNS Server but still having same problem.... ... AD clients MUST point to the DNS ... Do not put your ISP's DNS server *anywhere* on an AD client. ...
    (microsoft.public.win2000.networking)
  • Re: Can Internet Computers see my private address DNS server?
    ... To let your DNS server resolve these external names I typically just ... I would recommend using your 2003 server to perform your DHCP. ... and there are 6 clients. ... In the DNS server dialog box, I have entered my Internet Service ...
    (microsoft.public.windows.server.dns)
  • Re: Losing connection with server
    ... The last 3 weeks we are having troubles with our Windows XP SP2 Clients. ... Clients lose there network connection. ... and windows 2000 standard server). ... We have tried new user profiles on the computers with the problems. ...
    (microsoft.public.windowsxp.network_web)