Re: SBS 2008 Server losing DNS and Router Settings since Windows U

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Kerry,
hanks for the list, I'll have a look at these. I have used SonicWalls in
teh past and found them quite hard to configure, hopefully they have improved
more recently?

Siv
--
Martley, Near Worcester, UK


"Kerry Brown" wrote:

I like these

http://www.dlink.com/products/?pid=512

Some people find them hard to configure.

These are also good

http://www.sonicwall.com/us/products/TZ_210.html

http://www.sonicwall.com/us/products/TZ_200.html

There are also many good Linux based firewalls. I've tested this one and
found it quite good.

http://www.untangle.com/

I'm sure many others will chime in with their favourites.

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/




"Siv" <Siv@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:3442F48E-EF25-4D6E-A535-4BC153F0E319@xxxxxxxxxxxxxxxx
Kerry,
OK what would you recommend for a small business of 5 users?

Siv
--
Martley, Near Worcester, UK


"Kerry Brown" wrote:

Consumer routers are simply not acceptable for business use. The risk of
a
server being hacked and the disruption to the business while it is down
because you have to start again from scratch is too high. Even with the
best
backup plan you would have to figure out when the server got hacked then
restore to that date. At best it would take several hours to a day to get
them up and running and the data changes between the restore to date and
the
present may be lost. A $400 investment now will look pretty cheap in
hindsight.

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/




"Siv" <Siv@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5CF9CD61-1233-45E2-BF70-DCB129668A71@xxxxxxxxxxxxxxxx
Cliff,
Both these routers are firewall routers, I admit they are not as
powerful
as
a dedicated SonivWall or the like, but for small businesses like these
they
are fine. These clients only have a four or five users and the costs
of a
dedicated firewall is relatively high.

I am blaming Windows update for something as I have never known a
Netgear
DG834G reset itself back to factory defaults on its own and unless the
staff
in the office are lying to me and have started messing with the router
the
only thing that does mess with the router is Windows. Also this setup
has
been running for ages without any issues and then just prior to the
problem
starting a number of Windows Updates were applied.

I appreciate that MS test all their updates and this is unusual, which
is
why I am posting it here as a question. My clients are back up and
running
so I am not after further assistance, I just wanted to raise the
question
to
see if any other users were reporting this sort of fault. I just felt
it
was
too much of a co-incidence that I have two clients on SBS 2008 and they
both
went down after Windows updates were applied over the weekend!

Both machines are working again fine, but it took a lot of messing with
the
DNS settings to get things working properly again.

In the second system I mentioned I did log into the router from the SBS
box
using its web interface and was able to connect to it without any
issues,
so
why couldn't the "connect to the internet" wizard locate the router on
the
network, especially as the server's own NIC settings have the IP of the
router set as their gateway address??

"Even enabled, if the NIC is not connected to the network (which there
is
no
reason for it to be) then enabling it won't impact DNS or DHCP. Both
service still bind to a NIC< so a second NIC will NOT impact the first
bindings."

On reflection I think I may have triggered the changes to DNS DHCP.
This
occurred because at one point I thought that maybe the main NIC had
some
kind
of weird fault that did allow networking but was confusing the wizard,
so
I
switched the single connection to the router to the second NIC, this
would
explain why DNS and DHCP picked up the second IP address.

So I'll take that one back, maybe I can't blame Windows Update for that
one.
I can blame something for enabling it in the first place as it
definitely
wasn't enabled. I know this because I always rename the unused NIC's
name
to
"Don't Use" and leave the main NIC as "Local Area Connection" so that I
don't
click on it and enable it by accident.

This particular client never goes anywhere near the server so I know
that
they haven't done this manually themselves.

In the case of this second client with teh Draytek router, their router
hadn't been reset to factory defaults but it had become invisible to
the
wizard and in fact the NetGear I replaced it with cannot be seen by the
wizard either, which prior to this issue it could without any problems.

Like I say it's all working fine at both clients but I would liek to
know
what the hell happened.

Siv
--
Martley, Near Worcester, UK


"Cliff Galiher" wrote:

Inline:

-Cliff

"Siv" <Siv@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1C458171-DCD9-46E7-8FBC-3EB656B244AA@xxxxxxxxxxxxxxxx
Hi,
I have two clients who both run an SBS 2008 box with direct
connection
to
a
modem router and they have both just gone off the net in the last
couple
of
days.

GET A FIREWALL!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
(did
I stress that enough?)

It looks like a Windows update has done something pretty nasty to
DNS
and
the router settings. My first client had a Netgear DG834G attached
and
it
had
completely reset back to factory setings and thus was on a
completely
different IP range to how it was configured previously.

Wait, you are blaming a router resetting to factory defaults on
Windows
Update?

1) A router should always have a VERY strong password, and AD/servers
should
not know it...so even if uPnP is enabled (which I don't recommend() a
complete factory reset is still impossible UPnP only allows port
mappings,
not DHCP/DNS changes.

Also factory default
is that DHCP is enabled, so the SBS 2008 box was moaning about a
second
DHCP
server on the network and a lot of the DNS records were mangled up.

Good! DHCP belings on the SBS server for a well designed network.
SBS
had
a right to complain.

Had to re-input the settings to get the router back and then clean
up
the
DNS records before the system would come back on the net and all
cliets
had
to be re-booted to get the correct details from DHCP. It looks like
something
enabled the second (previously disabled) net card,
which then got a different
IP address to the first netcard and this affected DNS, DHCP and
Exchange
Server so that all client machines were getting the IP address of
the
server
as the 2nd net card's IP address.

Even enabled, if the NIC is not connected to the network (which there
is
no
reason for it to be) then enabling it won't impact DNS or DHCP. Both
service still bind to a NIC< so a second NIC will NOT impact the first
bindings.

Rule of thumb: Only plug cables into your switch that are necessary.


All very messy??

Indeed, but nothing I'd blame on SBS or WU yet.

The other client was even more strange, they had a Draytek Vigor
2800i
router, it had not been altered (probably because it didn't have
UPNP
turned
on)

As explained UPnP only allows mapping of NAT ports. Not the changes
you
are
describing.

but the second network card had been enabled and again DNS was all
mangled up and interestingly the "Connect to the internet" wizard
can
not
find the router on the network. When I run the wizard it loses the
gateway
settings and thus internet connectivity, I then manually entere the
server
IP
and the router's IP and tell it to continue and after a long pause
it
fails
with a red error icon saying to contact MS Product Support.

Of course it does. If step 1 is failing, so you are faking it and
manualy
entering settings, then step 2 can't be expected to succeed. Whatever
is
causing SBS to fail the detection of your network is obviously going
to
impact its ability to see the network on step 2 as well.

Wireshark. SBS BPA. These are your friends.

I manually reconfigured the net cards and set the IP settings
manually,
also
had to set the DNS records back up as the IP address that had become
enabled
for the second network card was appearing in DHCP, DNS as the
server's
IP
address and also Exchange had adopted it also.

Do not manually reconfigure. Fixing the source, not the symptom.

After a lot of manual tweaking I got everything back as best I
could.

"as best I could" is obviously subjective, and as cruel as it sounds,
obviously not adequate. IF the manual fixes worked, I doubt you'd be
writing this.
.

Relevant Pages

  • Re: DNS: high CPU, no access, UDP problems?
    ... The network topology we have is as follows: There is one main wireless ... that router Another ... I first stopped the DNS ...
    (microsoft.public.windows.server.dns)
  • Re: [opensuse] dhcp still waiting for data
    ... but the router and DHCP is working ... I tried Kai's suggestion of restarting the dhcp client. ... Well, guys, I guess I am off to buy a new ~ 10 EUR network card. ... What is the DNS adress of your provider? ...
    (SuSE)
  • 2wire router configuration
    ... firewall on this router and to configure my network ... Go to Home Network -> Advanced Settings ... X Default DHCP Pool ... Configure host to use DHCP with host name sent ...
    (comp.unix.bsd.freebsd.misc)
  • help
    ... Network, routers, DHCP and PXE ... wget vs fetch ... It's a Thomson SpeedTouch 585 router. ...
    (freebsd-questions)
  • Re: Networking Questions
    ... The DNS address is sent as a secondary element, mostly because there's no point for nearly all internet connections without DNS. ... The PC asks for an address by sending a DHCP request out the route to the DSL device which is either a modem or a router. ... No need for DNS until host names get involved and those hosts are on a different network segment. ... DNS is mostly just a very glorified hosts table that includes addresses in all network address ranges. ...
    (comp.sys.ibm.as400.misc)