Re: Urgent! New router and big disaster
- From: "Gregg Hill" <bogus@xxxxxxxxxxx>
- Date: Tue, 7 Mar 2006 23:52:20 -0800
C_O,
This clarification is mainly to keep Kimmy from getting confused.
In your previous post, you stated "In the TCP/IP properties for the external
NIC, you need to specify an external DNS server for DNS, instead of the
server's own IP address.You should do that in the CEICW, that way it will
set up the DNS forwarding to work correctly." The CEICW will NOT place the
ISP DNS servers into the external NIC's TCP/IP properties; it will place
those entries into the DNS forwarders, which is NOT the same as having them
on the NIC's properties.
Then you stated in your next post that your "point was that the DNS settings
on the WAN side NIC should not make any difference, really, because the SBS
DNS does not look at them anyway ...."
Yes, it does make a difference, and no, there will not be an endless loop.
The WAN and LAN DNS in an AD domain should always be the internal LAN IP
address of the server. In the CEICW, you can choose to input your ISP's DNS
servers, or you can leave them blank, which will cause the server to use the
root hint servers on the Internet.
Gregg Hill
"CO-DBA-SC-EL" <dx6490@xxxxxxxxx> wrote in message
news:OsuD6CbQGHA.1160@xxxxxxxxxxxxxxxxxxxxxxx
But of course I meant that the DNS settings for the WAN in CEICW must
point to the ISP's DNS, as directed by the prompts when you get to that
wizard page. My point was that the DNS settings on the WAN side NIC should
not make any difference, really, because the SBS DNS does not look at them
anyway (if it did it would be stuck in an endless loop), and in any case
it is not a good idea to try to tinker with them directly.
C_O
"SuperGumby [SBS MVP]" <not@xxxxxxxxxxx> wrote in message
news:OW5zv1YQGHA.2496@xxxxxxxxxxxxxxxxxxxxxxx
sorry, very re-active.
Both NICs should point to his internal IP for DNS. ie. the NIC properties
of all members of an Active Directory, even multihomed devices such as
this server and my workstation, should point _only_ to an AD integrated
DNS server for name resolution, the AD integrated DNS server will then
satisfy queries outside the AD by the use of either 'forwarders' or 'root
hints'.
If 'CO-DBA-SC-EL' has configured external DNS servers on SBS systems it
probably explains some of the wierd errors he sometimes asks of the
group.
"SuperGumby [SBS MVP]" <not@xxxxxxxxxxx> wrote in message
news:uruAJuYQGHA.3460@xxxxxxxxxxxxxxxxxxxxxxx
NONONONONONO
Both NICs should point to his internal IP. The SBS DNS server, running
on the internal IP, will then satisfy external requests via either
forwarders or 'root hints'.
C'mon, we're getting close. Don't spoil it.
"CO-DBA-SC-EL" <dx6490@xxxxxxxxx> wrote in message
news:%23BUq2VYQGHA.5592@xxxxxxxxxxxxxxxxxxxxxxx
You're getting close. Since you can reach an external web site by using
its IP it means that your problem is now DNS. I don't see how your
settings could work. In the TCP/IP properties for the external NIC, you
need to specify an external DNS server for DNS, instead of the server's
own IP address. You should do that in the CEICW, that way it will set
up the DNS forwarding to work correctly. When the CEICW asks you for
the configuration for the external NIC, use:
IP Address 192.168.0.99 (See Note 1)
Subnet Mask : 255.255.255.0
Default Gateway: 192.168.0.1
DNS Servers: 192.168.0.1 (See Note 2)
Note 1. 192.168.0.100 looks like an address in the DHCP range of the
router. You should give your SBS a fixed external address so you can
forward ports to it reliably in the router. I don't have the D-Link doc
but x.x.x.99 should be outside its DHCP range. If not pick another one.
Why do that if the SBS is the only computer connected to the router?
Because some day you might try to debug something else, plug a computer
in the router while the SBS is off or disconnected, then plug the SBS
back in and discover that the other computer has now been given the
address you thought was the SBS's own. Then of course RWW and all those
goodies quit working. Play it safe. Use a fixed address outside the
DHCP range of the router.
Note 2. Normally the router will forward DNS requests. You may be able
to speed things up by specifying the IP address of your ISP's DNS
servers instead of the router -- the router will just pass that through
instead of actively forwarding.
C_O
"Kimmy" <Kimmy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:C56EA7C3-EAE0-4D4F-9BBB-DFA8FBB9DC11@xxxxxxxxxxxxxxxx
I checked the binding order and the Server Local area connection is at
the top.
I should have been more clear about internet connection..
- when we open internet explorer the company web is shown, when we
type in
an address... http:www.google.ca, we get page cannot be displayed. But
if I
type the ip address 65.98.45.220 the webpage loads. (this is true for
Both
the SBS and client stations)
I just read somewhere in another posting about nslookup.exe, and
thought I
would give it a try. I got this..
***Can't find server name for address 192.168.16.2: Non-existent
domain
Default Server: Unknown
Address: 192.168.16.2
( I found that in the DNS - clicked my server name and ran the lookup
tool)
"Merv Porter [SBS-MVP]" wrote:
However, when I checked the binding on the external nic there was
no
TCP/IP
in the list, just File and Printer Sharing and the Microsoft
Client
Networks
were the only two in the list and neither of them are checked
off.
Check Binding order
------------------------
Right click My Network Places...Properties. Highlight the Internal
NIC. Then
select Advanced...Advanced Settings from the top menu for that
window. This
will check the bindings.
The Internal NIC should be displayed first followed by the External
NIC. If
not, move the Internal NIC to the top of the list.
The Internal NIC should have File and Printer Sharing bound
(checkmarked) to
the TCP/IP Protocol.
The Internal NIC should have Client for Microsoft Networks bound
(checkmarked) to the TCP/IP Protocol.
------------------------
Is the Internal NIC at the top of the list?
After
running the internet connection wizard, no internet was available
for
either
the SBS or the Client by using the test page www.dnslookup.com, but
each
can
view 65.98.45.220.
What is 65.98.45.220? If neother SBS server nor client workstation
had
Internet access, how could they view anything at this public
(Internet) IP
address?
--
Merv Porter [SBS MVP]
===================================
"Kimmy" <Kimmy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:41894A1D-D2B3-49C0-AB14-AD2D5EA865E8@xxxxxxxxxxxxxxxx
Been having a a lot of trouble. The orignial router died and now
we are
using a D-Link 604. My problem is this:
1 -I have the set up done just like this...
http://www.smallbizserver.net/Default.aspx?tabid=266&articleType=ArticleView&articleId=76
However, when I checked the binding on the external nic there was
no
TCP/IP
in the list, just File and Printer Sharing and the Microsoft
Client
Networks
were the only two in the list and neither of them are checked off.
After
running the internet connection wizard, no internet was available
for
either
the SBS or the Client by using the test page www.dnslookup.com, but
each
can
view 65.98.45.220.
The Current ipconfig/all from server is this
Server Local Area Connection:
Connection-specific DNS Suffix:
Description: Intel Pro/1000
Physical Address: 00-14-22-B4_12-CE
DHCP Enabled : NO
IP Address 192.168.16.2
Subnet Mask : 255.255.255.0
Default Gateway:
DNS Servers: 192.168.16.2
Primary Wins Server 192.168.16.2
Ethernet Network Connection
Connection-specific DNS Suffix:
Description: BroadCom NetXtream
Physical Address: 00-10-18-18-31-C2
DHCP Enabled : NO
IP Address 192.168.0.100
Subnet Mask : 255.255.255.0
Default Gateway: 192.168.0.1
DNS Servers: 192.168.16.2
NetBios Over TCPIP: Diabled
Any ideas?
Other info... Before I ran the internet connection wizard, I also
disabled
the UPNP on the router itself. I have checked the DNS Service and
it is
running, also is the DCHP Service.
I wonder if I may have missed a firewall setting on the router as
well.
"CO-DBA-SC-EL" wrote:
Hmmm. In a 2-NIC setup changing the router (which feeds the WAN
side of
the
SBS) should have nothing to do with the inability of the clients
to login
to
the domain. Completely separate networks. The IPconfig for the
client
shows
that the client is not able to get an address from the DHCP server
on the
SBS.
Now, a problem could occur if the physical net was configured to
use the
router's LAN switch to connect the workstations (both SBS NICs
into the
same
switch) which in theory should work but is of course a very bad
practice.
If
that is the problem, try to fix that, using the diagram in the SBS
documentation (such as it is...). Assuming that this is not the
problem...
First check whether the DHCP service is running. If it is not,
start it,
then try to figure out why it did not start in the first place.
If that does not fix the problem, go through the following steps:
1. Verify that the workstations can physically connect to the LAN
side of
the SBS. Since it looks like the workstations are set up to use
DHCP, a
quick and dirty way to do that would be (a) disconnect everything
from
the
router then (b) to move the cable from the LAN side NIC of the SBS
to a
LAN
port on the router then (c) turn on the router, give it time to
boot and
do
an ipconfig -reset on a workstation then check whether it got an
IP
address
from the router and that it can ping the router. If that doesn't
work,
first
do a deep reset of the router and try again. If after that it
still does
not
work, look for a bad cable or bad switch in the LAN or some other
LAN
config
problem.
2. Assuming that step 1 is fixed, take this opportunity to log
into the
router and verity that it is set up correctly. It should have DHCP
turned
on
and have its WAN side configured properly, including the ISP DNS
and
gateway
addresses if the WAN side of the router is not using DHCP. Don't
bother
with
port forwarding yet. Making sure that the firewall on the
workstation is
enabled (or using a test laptop instead of the workstation),
connect the
WAN
side of the router and check that the workstation can connect to
the
Internet. If that works, then the router should not be a problem
and you
can
focus on the SBS. If that doesn't work, pretend that the router is
working
for the purpose of step 3, but you will need a router...
3. With all physical connections correct (as in the SBS
documentation
diagram for 2-NIC setup with a router), run the CEICW. Use the
vanilla
settings. While you are at it, set up a LAN side address of
192.168.x.2
for
your SBS, where x is anything excep 0, 1, 2 or 13. This will allow
you to
substitute any router (at least from the brands I've tried)
without
having
to worry about subnet conflict between the WAN and LAN side. When
it
comes
to router UPNP say that your router is not UPNP, and look up the
"More
Info"
that tells you which ports you will need to forward on the router.
Port
forwarding on your perimeter device is something you probably want
to be
able to control yourself. Also, if you control port forwarding on
the
router
yourself, you can replace the router at will without ever needing
to
change
anything in the SBS configuration.
4. Check the Services to verify that the DHCP service is running.
Go to a
workstation and verify that it can get an IP address through DHCP
and
that
you can ping the SBS--it should show up as the gateway and DNS
server in
the
IPconfig for the workstation. If this doesn't work, then you have
a more
serious problem with your SBS. Call for help.
5. If steps 1 to 4 succeeded, then try to king a known good test
address
(e.g. www.dnsreports.com) on the Internet from a workstation. If
that
doesn't work (not found), try to ping a known IP address (e.g.
65.98.45.220). If that works but pinging by name did not work, you
have a
DNS problem. Check that the DNS configuration in the CEICW is
correct. If
you had made manual modifications to the SBS DNS settings, go back
to
your
setup nodes and try to undo them before running the CEICW. If that
still
doesn't work, call for help.
Let us know how you've done. Sleeplessness induces people to make
strange
errors... so be careful.
C_O
..
"Jan" <jan@.n.o.com> wrote in message
news:Ob1SWtCQGHA.1040@xxxxxxxxxxxxxxxxxxxxxxx
It looks like new router configuration was different from one
that
died.
Post output of "ipconfig /all" from server and one workstation
connected
to 24 port switch.
Should be able to give you simple instructions to get back to
where you
where before this incident.
--
Jan Wakulicz
www.micropol.com.au
"Kimmy" <Kimmy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:C85BE8C6-2E8A-4DC6-AB7A-11CD42D0716B@xxxxxxxxxxxxxxxx
quick brief on orginal setup
Dell Power 1800 server running SBS2003 standard with 2 nics
1 D-link 8 port router & 1- 24 port switch
D-link connected to ISP with a stactic ip and server- onbard
nic
connected
to switch.
Orginal install went off with out a hitch including all updates
ect.
For
a
week clients could communicate with server.
Yesterday the router dies, and I quickly swapted it with
another
D-link
router this one smaller -only a four port. When the router
died, other
than
no internet access, the client machines could still connect to
server.
After I swaped the router everything was still fine.
This morning, I had to go clean up my network room and wires.
During
this
I
shut down the server, and removed of from the room. It was down
for
about
5
hours.
Then I set it back up, all the same- i didn't touch a setting,
and now
my
clients can't login. The administrator can log in client
machines,
release/renew the ip address, look at network places, see the
server
but
cant
connect. No internet access either.
Okay so back at the server -no internet connection but can see
the
internal
website. The external nic is set to auto get ip from router,
but the
primary
dns is the ip address of the local nic. When I change that to
the ip
of
the
router I can get internet on the server. Ran the CEICW... doh!
The
wizard
poped up with that the router is a plug in play and it wanted
to
configure
it. Now everything is so totally messed.
I cant get any clients to log in but when i set the ip on the
external
nic
back to the router ip, I can reach the remote server login page
on my
laptop.
I have ran the change server ip wizard, but nothing.
Please I need to have this whole thing back up and running by
Mon.
morning,
so please give very deatiled instructions if ya got them. I
have been
going
on less than 3 hours sleep, and if you can come up with a less
than
perfect
quick fix until next weekend, I am all ears.
Thanks
.
- References:
- Re: Urgent! New router and big disaster
- From: Jan
- Re: Urgent! New router and big disaster
- From: CO-DBA-SC-EL
- Re: Urgent! New router and big disaster
- From: Kimmy
- Re: Urgent! New router and big disaster
- From: Merv Porter [SBS-MVP]
- Re: Urgent! New router and big disaster
- From: Kimmy
- Re: Urgent! New router and big disaster
- From: CO-DBA-SC-EL
- Re: Urgent! New router and big disaster
- From: SuperGumby [SBS MVP]
- Re: Urgent! New router and big disaster
- From: SuperGumby [SBS MVP]
- Re: Urgent! New router and big disaster
- From: CO-DBA-SC-EL
- Re: Urgent! New router and big disaster
- Prev by Date: Re: RWW authentication
- Next by Date: Re: AOL
- Previous by thread: Re: Urgent! New router and big disaster
- Next by thread: Re: Urgent! New router and big disaster
- Index(es):
Relevant Pages
|
