Re: Windows 2003 server, DNS forwarding to internet not working

Thanks Ace

I can get to the internet from both the firewall and the server. Only
the workstations are unable. Yes the smoothwall is connected the cable
modem.

internet
|
smoothwall
|
switch
| \
server all workstations

So server and xp ws are all right off of the switch.

Prior to my current attempts I had smoothwall as the dhcp server and all
boxes were able to get to the internet. DHCP is now via server.

I mentioned in another post, am I missing an element? Router or
something? Will the config I have work?


In article <u8JKn7nOGHA.3064@xxxxxxxxxxxxxxxxxxxx>,
PleaseSubstituteMyActualFirstName&LastNameHere@xxxxxxxxxxx says...
In news:MPG.1e6aa8d1bba59ed59899b6@xxxxxxxxxxxxxxxxxxxx,
network_out <none.none.none> stated, which I commented on below:
Sorry, the server nic was already set to use it's own ip as the pref
dns server. So are the workstations. Still can't browse to the
internet from the workstations.

I've heard of Smoothwall. I've used a FreeBSD firewall as an arp only
(bridge) firewall. No ip addresses on it. It can scan packets for rules
without the threat of an attacker hurtin git because it has NO IP addresses
on it.

Can you access the internet from the BSD machine? If not, I may be thinking
traffic's being blocked. Double check your rules.

I am assuming the smoothwall is also your NAT device connected to the
router, DSL modem or cable modem (whatever you have)?

Let's try to simplify it with a basic graphic on what you have. Can you
describe the connections in more detail please, such as:

cable modem -> smoothwall -> internal network.

Internal network has:
- Win2003 DOmain Controller
- XP Clients


And yes, ALL machines in an AD environment MUST only use the internal DNS.
This also bades best practices for a non-AD network for your internal DNS to
control resolution. Configure a forwarder for efficient internet resolution.
DNS traffic must be allowed by the firewall inbound/outbound from the DNS
server.

Ace



.

Relevant Pages

  • Re: No DNS
    ... "The Internet Assigned Numbers Authority has reserved private IP ... The workstations assigned themselves an address when DHCP failed. ... I enabled dhcp and dns on the server and insured my scope was ...
    (microsoft.public.windows.server.sbs)
  • Re: Internet on nodes
    ... internet sharing feature ... workstations and is configured through CEICW (Configure Email nad Internet ... formatting of my server machine. ... The workstation Windows Firewall is controlled by ...
    (microsoft.public.windows.server.sbs)
  • Re: Internet on nodes
    ... Shutdown all attached devices except the SBS itself, your internet router ... Run the 'Change Server IP Address' ... possible to share the Internet with the workstations. ... have manual control of the windows firewall. ...
    (microsoft.public.windows.server.sbs)
  • Re: Internet on nodes
    ... Shutdown all attached devices except the SBS itself, your internet router ... Run the 'Change Server IP Address' ... possible to share the Internet with the workstations. ... manual control of the windows firewall. ...
    (microsoft.public.windows.server.sbs)
  • Enable internet and file sharing
    ... I want to let my workstations to access the internet and shared folders ... residing on the server, which connects to the internet on a separate network ... The wizards suck, and they havent done anything for me except to ruin ...
    (microsoft.public.windows.server.sbs)