Re: SBS 2003 Misconfigured?

Mark Grantom <mgrantom@xxxxxxxxxx[no spam]> wrote:
Thanks once again. I checked all of the DHCP settings before I
posted and rechecked them after your response. I used the wizard to
setup DHCP and I have also gone in and manually created a new scope
and authorized it as well. Everything looks correct. I remember that
when I first used the Netgear router with SBS 2003, and ran the ICEW
wizard, it detected the fact that the router was UPNP and I told it
to set it up for me and it worked beautifully. Later, when I flashed
the firmware to the router, (can't remember what the issue was) the
UPNP never was detected if I re-ran the ICEW wizard. (I do have it
enabled on the router and windows XP does detect it because it shows
up in the network neighborhood).

*Never* use UPnP. Disable it. :-)

Also, the firmware update was a
major one going from 1.x to a 2.x and totally changed the graphical
interface on the router, however, it also caused the router to
display an error message "unable to obtain profile". A tech at
netgear suggested that I reflash the firmware so when I went back to
re-download it, the 2.x version for my router is no longer listed as
being compatible with my older unit, so I downgraded the firmware to
the latest 1.x version. Bottom line, the router may have issues.

It's easy to bypass this - just get an ethernet switch & be disconnected
from the Internet modem when you do this.

It
is very frustrating to try to find a person willing to administer SBS
2003 on a tiny system like mine in the real world. I had one tech
spend 4+ hours on my system, and then tell me to enable DHCP on the
router. This tech is in charge of a major oil company's IT
department with several SBS 2003 servers.

Hmmm. I'd be surprised if a major oil company had SBS - and having more than
one SBS server in a company makes no sense. So...

I had another guy tell me
not to use DHCP on the server as well.

Where are you finding techs? Where are you located?

So far, all of the real world
people that have shown up have not been of much help. Thus my
attempt with this group.

I went out and purchased a netgear 8 port switch which I am going to
try and setup per the previous posts. I assume I will link it via
one of the ethernet ports on the Netopia, and enable the firewall
settings on the Netopia as well.

No - I do not recommend that - it is not sufficiently secure.

I will experiment with the Netgear
router by itself and see if I can reflash it back into use. If so, I
will swap it out later since it appears to be a superior firewalling
product.

Yes, I think so. However, if you really want to take care of that, get a
SonicWALL or similar.



Mark Grantom <mgrantom@xxxxxxxxxx[no spam]> wrote:
DHCP shows up on the server as running. I am attempting to do this
using remote desktop so, I'm not sure of the results.

Ah. It's best to do this stuff in person, really.

When I pulled
up one of the workstations via remote web connection, and changed
the tcp/ip settings to "obtain ip automatically" and "obtain DNS
automatically", the NIC on the workstation apparently reset itself
and I lost my remote session of course.

Biensure!

When I remote back into the
server and look at DHCP, I did see the ip address of 192.168.5.101
which is what I had also previously used as the static ip address.

OK, but why are you looking at the server rather than the
workstation? Can't you still connect?
I
assume DHCP assigned it, but how can I verify that. Is there a way
to force a client to obtain a new ip address by issuing a command
from the server?

Not really. Do this in person on the client.

ipconfig /release
ipconfig /renew
ipconfig /all
(this will show you the DHCP lease info).


Also, I may have misstated the original issue about
DHCP not working. What I mean to say is that when tcp/ip is set to
"auto obtain" on the workstations, I was having connection problems
with the workstations.

Such as?

It could be that DHCP is working but is
misconfigured.

If the server was set up using the wizards, this wouldn't happen.
However, it's very easy to reconfigure your DHCP server / scope
options after the fact. Make surte DHCP is disabled on your router.
What you want is something like this:

Scope: 192.168.5.1 - 192.168.5.254
Subnet mask: 255.255.255.0
Exclusions: 192.168.5.1 - 192.168.5.100 (if you're using my scheme,
in which case assign the server something like .30) and also
192.168.5.200 - 192.168.5.250. If you want to stick with your
existing server IP, exclude it singly.
Router: 192.168.5.1
DNS domain/suffix: whatever.local
DNS servers: 192.168.5.xxx (your server's LAN IP)
WINS server: 192.168.5.xxx (your server's LAN IP)
WINS node type: 0x8 (hybrid node)

I don't think you can re-configure your DHCP server using the CEICW,
which is a shame as you wouldn't have to do all this work manually,
but someone else may contradict or confirm that.



For example, I noticed that under "Server Options"
there is a setting for Router. Is this the netgear router or is it
the SBS server?

The Netgear, or whatever you use as your gateway to get out to the
Internet.

As for the tech issue, the last guy's solution was
to enable DHCP on the router, which is not what I wanted.

Nor should it be. Try and find a good/qualified tech who's worked
with SBS before, but also has experience with & understanding of AD
& basic networking.

Thanks for
your help.

You're welcome.



Mark Grantom <mgrantom@xxxxxxxxxx[no spam]> wrote:
I went back and looked at the Netgear. I don't see anything that
allows you to turn NAT on or off. I based my post on the notes
that a tech I hired left me.

I'm guessing that you may want to get another tech in there to help
you out at this point, honestly.

I DO know that NAT is off on the Netopia.
The netgear has a setting for the Internet IP which is set to the
static IP given to me by AT&T. It also has a setting for the LAN
ip which is set to 192.168.5.2 if this helps.

Then you do have NAT on there.

The additonal information
on how my workstations are manuall configured:
WINS is set to the SBS server's ip 192.168.5.109
DNS server address is set to SBS server's ip 192.168.5.109
Append primary and connection specific DNS suffixes is selected
DNS suffix for this connection is set to "grantomlaw.local"
Register this connections addresses in DNS is checked
Use this connection's DNS suffix in DNS registration is checked
IP Settings
192.168.5.101 Subnet mask of 255.255.255.0
Gateway is set to 192.168.5.2 (address of the netgear router)
Automatic metric is checked

That's all good, but something else is clearly awry if you can't
get DHCP working - and as Cliff says, that should be a simple
thing. The fact that it isn't working indicates you've got larger
problems.. Ignore the Netopia & Internet access right now - in
fact, disconnect the WAN port of the Netgear from the Netopia
entirely. So, everything is plugged into the switch ports on your
Netgear now, yes?

If DHCP is *disabled* on the NetGear (which, btw, I much prefer as
a simple firewall to the Netopia), then you should have DHCP
running on the SBS box. If the DHCP server service is started &
you can see it working/running in the DHCP server console on the
server, and you connect a workstation configured to get an IP
address automatically, what happens?

If this isn't your area of expertise or cup of tea there's no shame
in
that - but you ought to get someone experienced in to help you out
if you're having problems at this level.

Oh, and don't install Quickbooks on your server. Seriously.

Inline:

-Cliff

"Mark Grantom" <mgrantom@xxxxxxxxxx[no spam]> wrote in message
news:63AFF1B0-E929-40DB-B7FF-ED1377D9BC69@xxxxxxxxxxxxxxxx
Thanks for all the quick responses! I apologize for not getting
back sooner
but I had to be out of the office today unexpectedly. The
Netopia IS a router/modem, it is just not setup up for routing.
I wanted to use the Netgear router because it has 8 ports,
utilizes UPNP (at least it did it ONCE
then quit) and is brand new (well almost).
UPnP is useful for a very limited subset of applications, none of
which apply in an office setting.

NAT is turned off on both devices.
Which, based on the configuration you gave, is part of the
problem. You mentioned that you assigned the ISP IP to netopia
AND the netgear. That itself will cause a problem. You *can*
configure the netopia to operate in bridged mode, but in this
configuration, it is literally acting as modem, converting
DSL/ATM traffic to ethernet and would not hold a public IP of
its own. Again, it would have to be configured properly to pass
ALL traffic to the netgear...tricky if you aren't sure EXACTLY
what you are doing.

Secondly, the netgear SHOULD be configured to NAT unless you are
running SBS in a 2-nic configuration in which case SBS would be
handling NAT. But, if SBS were in a 2-nic configuration, you'd
still need a switch on the internal-facing NIC. You could use
the netgear for this, but at that point you'd configure the
netgear without an external IP...and basically not be using the
routing functions at all. So basically, from where I stand, you
still have configuration issues.

I am NOT a techie I just figured out a lot by myself in the last
30 years that I have been building / using computers ( I started
in 1978). Initially when I installed SBS 2003 I was using the
netgear router with a DSL
modem. When I changed over to a static IP, AT&T sent me the
netopia router/modem so I was forced to use it, but since it
only has 4 ports, I had
a tech help me to set it up so it only obtains the ip (so it
does operate as
only a modem).
If it is properly configures as "only" a modem, then it won't
obtain the IP. It will let the netgear handle that task. See
above.

I then linked it to the netgear router. DHCP is configured
on the server, but if I set a workstation to "obtain ip
automatically" that
WS cannot get onto the internet. If I manually set the ip's
there are no problems.
A perfect example of why I think you have fundamental network
issues. Until you get DHCP working, you can't expect other
things to work. DHCP isn't an overly complex protocol. If it is
broke...well....you need to concentrate on fixing it. Don't even
*worry* about trying to fix the printing issue yet. When you fix
DHCP, I suspect you'll find other things magically start working.

The specific problem I have at the moment is that I have to run
Quickbooks on my server (I know, I shouldn't but I HAVE to
because another application I use Time Matters "Quickbooks
Server, requires it.)
You know you shouldn't. We know you shouldn't. Suffice it to
say, you should look at addressing this. I'm familiar with Time
Matters and have my own opinions on how to resolve this issue,
but as tempted as I am to do so, I think it'd only fracture the
thread and frankly does not directly relate to the problem you
have right now.

When I try
to print from the server using the laser printer on one of the
workstations,
the printer does not show up. Everything else seems to work.
Everything except DHCP. You can't ignore problems and expect
everything else to work. Sorry if that comes across harshly, but
it is true. To say "everything else seems to work" blatantly
ignores the other problems you've posted here.

I can browse
files on the workstations etc. The printer is properly shared
on the workstation and the box checked that says to "list in
directory".
The "list in directory" is nice if you are using AD to find
printers. It is not necessary though. If you've shared the
printer, then you can always fall back to 'classic' file and
printer sharing. And since that does not appear to be working,
you have other problems.

I'm not
sure, but I believe it MAY be related to my having "moved" the
workstations
in the Active Directory to the "my company" computers folder, if
I'm making
sense.
Possible, if a GPO is configured to stop file and printer sharing
or setting firewall rules to block such communications. Why did
you move the computer to a different OU? For SBS, the default
setup with /connectcomputer is good 99% of the time. There *are*
legitimate reasons to move machines, but I find many people do so
when it is unnecessary as well. There is usually a better way...

Thanks for all of the help.
--
Mark G


"Lanwench [MVP - Exchange]" wrote:

Cliff Galiher <cgaliher@xxxxxxxxx> wrote:
Lanwench brings up good points, but I'm going to go a step
further and say I'm concerned about your current device
configuration.

If I read this properly, you have the WAN port of your netgear
device plugged into one of the LAN ports of your netopia.

Yes, that was my understanding as well.

The netopia 3300
series (I'm guessing the model based on the specs given)
default to a NAT routing configuration,

But not necessarily. I have several clients running Netopias. I
merely tell
the ISP that I have my own firewall appliance & don't want NAT
or any filtering. The NetGear FVS318 is not the greatest
firewall on the planet, but it's a decent little device - and
it has an integrated Ethernet swtich,
which I presume he's using.

Even if the Netopia were configured to do NAT, the worst thing
that would happen is that his LAN would be 'double NATted' -
which might cause problems
with *inbound* traffic but wouldn't cause any problems with LAN
traffic or
outbound Internet connectivity.

Guess we'll have to wait til the OP posts back to find out.

so essentially you've segmented your
network if you have equipment plugged into both devices. This
could cause all sorts of problems if you haven't carefully
configured the equipment. I'd personally pull the netgear out
of the equation. No need for two peices of equipment that do
the same job.

I would instead pick up a switch (not a router), such as a
3com OfficeConnect (they come in managed and unmanaged
varieties) or a Linksys and plug it into the netopia. No
worrying about WAN ports, no configuration, just plug and
play. I think you'll find administration and troubleshooting
much easier if you don't have to worry about network
communications traversing multiple routable devices.
-Cliff

"Lanwench [MVP - Exchange]"
<lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
wrote in message news:OpNPcrA$IHA.3964@xxxxxxxxxxxxxxxxxxxxxxx
Mark Grantom <mgrantom@xxxxxxxxxx[no spam]> wrote:
I apologize in advance for the length of this post, however
I wanted to furnish as much information as possible to help
me solve this problem. I have spent a great deal of time
trying to solve this myself but I am at a complete
roadblock at this



.

Relevant Pages

  • Re: SBS 2003 Misconfigured?
    ... I've thrown quite a bit at them, and just have to disagree that they are inherently less secure than the netgear. ... setup DHCP and I have also gone in and manually created a new scope ... when I first used the Netgear router with SBS 2003, ... than one SBS server in a company makes no sense. ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS 2003 Misconfigured?
    ... I used the wizard to setup DHCP and I ... I remember that when I first used the Netgear ... router was UPNP and I told it to set it up for me and it worked beautifully. ... I had another guy tell me not to use DHCP on the server as ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS 2003 Misconfigured?
    ... Yeah, maybe it's not that different from the Netgear, for all that. ... that when I first used the Netgear router with SBS 2003, ... tech spend 4+ hours on my system, and then tell me to enable DHCP ... more than one SBS server in a company makes no sense. ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS 2003 Misconfigured?
    ... The netgear has a setting for the Internet IP which is set to the ... DNS server address is set to SBS server's ip 192.168.5.109 ... but something else is clearly awry if you can't get DHCP ... Which, based on the configuration you gave, is part of the problem. ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS 2003 Misconfigured?
    ... The netgear has a setting for the Internet IP which is set to the ... DNS server address is set to SBS server's ip 192.168.5.109 ... DHCP working - and as Cliff says, that should be a simple thing. ... Which, based on the configuration you gave, is part of the problem. ...
    (microsoft.public.windows.server.sbs)