Solved

Unable to use NAT on 2000 server  HELPPPPPPPPPPPP

Posted on 2003-12-01
14
457 Views
Last Modified: 2010-04-11
Win 2000 server running DHCP, DNS and NAT, Tried all combinations unable to get internet on clients. I do have dhcp at clients. Using 192.168.0.1 series.

Do not know what else to do.
0
Comment
Question by:userlinux
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 6
  • 2
14 Comments
 
LVL 35

Expert Comment

by:ShineOn
ID: 9856427
2 NICs on Win2K?  Routing enabled on Win2K?  RRAS config?  Firewalling/packet filtering features?

What is your configuration on your Win2K server as regards the use of it as a NAT router?  Current software config for performing NAT routing, in addition to a stick-drawing in ASCII characters of how this piece of your network will help a lot in giving you an answer.
0
 

Author Comment

by:userlinux
ID: 9860370
Two nics, one internal one outside, DHCP running, DNS running and Routing remote acces-NAT all on one win 2000 server.

Clients are recieving DHCP address from 2000, but no internet, Firewall is Black ICE which I do have acess to all internal addresses 192.168.0.1 thru 192.168.0.254 even tried disabling.

I had internet last night for a while now this morning can't get IP. I tried using DHCP in NAT-no luck that is why I configured 2000 DHCP.
0
 

Author Comment

by:userlinux
ID: 9860376
Two nics, one internal one outside, DHCP running, DNS running and Routing remote acces-NAT all on one win 2000 server. running internal nic to Cisco 2924xl to 5 clients.

Clients are recieving DHCP address from 2000, but no internet, Firewall is Black ICE which I do have acess to all internal addresses 192.168.0.1 thru 192.168.0.254 even tried disabling.

I had internet last night for a while now this morning can't get IP. I tried using DHCP in NAT-no luck that is why I configured 2000 DHCP.
0
Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

 
LVL 35

Expert Comment

by:ShineOn
ID: 9860610
Do you get access if you disable Black ICE?

When you PING a URL at a client, does it resolve to an IP address?  Does it fail after resolving the address?  (to verify DNS forwarding is working...)

What is the default route/gateway setting on the clients?  It should be the private address of the Win2K box.
0
 
LVL 35

Expert Comment

by:ShineOn
ID: 9860626
One thing you could do is pop a dumb hub into the circuit on each side, connect a PC to it, and run a packet analyzer like Ethereal, to see what is going in and out on both ends, so you can pinpoint the point of failure.
0
 

Author Comment

by:userlinux
ID: 9861265
I can ping client and server. DHCP is working from server. I have also rejoined all clients to the domain.
0
 
LVL 35

Expert Comment

by:ShineOn
ID: 9861313
You say you can ping client and server.  How about, for instance, www.experts-exchange.com?  Does that resolve to the IP address but you don't get a response, or does it not resolve?
0
 
LVL 35

Expert Comment

by:ShineOn
ID: 9861337
Have you tested disabling Black ICE or not?  If you did, please say so.

Have you verified that the private IP of the server is your clients' default gateway?  Does the server have the ISP's router as its default gateway, with the public interface as the next-hop?

Please try to answer all the questions you get asked, so we know where we're at with troubleshooting this.  Thanks.
0
 

Author Comment

by:userlinux
ID: 9861345
only can out side at server
0
 
LVL 35

Accepted Solution

by:
ShineOn earned 250 total points
ID: 9861445
userlinux, please answer the following questions, by number:

1)  Have you tried disabling Black ICE?  What is the result?

2)  Have you verified that the default gateways are set appropriately?

3)  Do you have your server's DNS server set to forward DNS from the DNS server your ISP gave you?

4)  Do you have any other Windows features enabled that could block ports, like the IP filtering, in addition to Black ICE?

5)  Can you post, in plain text with public IP addresses x-ed out, your NAT config and routing config from the server?

6)  Go to a command prompt and do a "route print" on the server and cut & paste the results (again with public addresses x-ed out)

7)  Also from the command prompt, do a "ipconfig /all" on the server and cut & paste the results (with public addresses x-ed out)

0
 

Author Comment

by:userlinux
ID: 9862751
1. yes
2. yes
3. yes, from ipconfig /all
4. no
5. explain
6. Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\Documents and Settings\Administrator>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x1000003 ...00 04 76 f8 d0 fb ...... Broadcom NetXtreme Gigabit Ethernet Driv

0x1000004 ...00 c0 9f 1f ff 66 ...... Intel(R) PRO/1000 MT Network Connection
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       65.25.18.1     65.25.19.62       1
       65.25.18.0    255.255.254.0      65.25.19.62     65.25.19.62       1
      65.25.19.62  255.255.255.255        127.0.0.1       127.0.0.1       1
   65.255.255.255  255.255.255.255      65.25.19.62     65.25.19.62       1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
      192.168.0.0    255.255.255.0    192.168.0.101   192.168.0.101       1
    192.168.0.101  255.255.255.255        127.0.0.1       127.0.0.1       1
    192.168.0.255  255.255.255.255    192.168.0.101   192.168.0.101       1
        224.0.0.0        224.0.0.0      65.25.19.62     65.25.19.62       1
        224.0.0.0        224.0.0.0    192.168.0.101   192.168.0.101       1
  255.255.255.255  255.255.255.255      65.25.19.62     65.25.19.62       1
Default Gateway:        65.25.18.1
===========================================================================
Persistent Routes:
  None

C:\Documents and Settings\Administrator>

7. C:\Documents and Settings\Administrator>ipconfig /all

Windows 2000 IP Configuration

        Host Name . . . . . . . . . . . . : poweredge
        Primary DNS Suffix  . . . . . . . : hartman.com
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : Yes
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : hartman.com
                                            neo.rr.com

Ethernet adapter INTEL 1000 HARTMAN:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connect
ion
        Physical Address. . . . . . . . . : 00-C0-9F-1F-FF-66
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.0.101
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : 192.168.0.101

Ethernet adapter BEEP BEEP 3COM 1000:

        Connection-specific DNS Suffix  . : neo.rr.com
        Description . . . . . . . . . . . : 3Com 3C996B Gigabit Server NIC
        Physical Address. . . . . . . . . : 00-04-76-F8-D0-FB
        DHCP Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 65.25.19.62
        Subnet Mask . . . . . . . . . . . : 255.255.254.0
        Default Gateway . . . . . . . . . : 65.25.18.1
        DHCP Server . . . . . . . . . . . : 65.24.6.202
        DNS Servers . . . . . . . . . . . : 24.164.100.230
                                            24.164.100.234
                                            65.24.0.163
        Lease Obtained. . . . . . . . . . : Tuesday, December 02, 2003 9:16:30 A
M
        Lease Expires . . . . . . . . . . : Wednesday, December 03, 2003 9:16:30
 AM
0
 
LVL 10

Expert Comment

by:anupnellip
ID: 9990574
In routing and remote access did u set static route
set static  route to 0.0.0.0 0.0.0.0 to your external adpter .
0
 

Author Comment

by:userlinux
ID: 9990666
Please explain,
0
 
LVL 10

Assisted Solution

by:anupnellip
anupnellip earned 250 total points
ID: 9990711
Well in your RRAS server , under IP routing you have a static route . Ok in that add new select your external interface , give the ip as 0.0.0.0 subnet mask as 0.0.0.0 and then set your default gateway . This will route any packet not in you subnet to the internet .
 I hope internet is working fine on the server ? This has to be working !!
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Recommendation for open source Monitoring 7 98
DHCP for a new, 2nd subnet 12 61
patch status tool - free 9 59
PCAP file format 4 32
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question