Unable to use NAT on 2000 server HELPPPPPPPPPPPP

Win 2000 server running DHCP, DNS and NAT, Tried all combinations unable to get internet on clients. I do have dhcp at clients. Using 192.168.0.1 series.

Do not know what else to do.
userlinuxAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ShineOnCommented:
2 NICs on Win2K?  Routing enabled on Win2K?  RRAS config?  Firewalling/packet filtering features?

What is your configuration on your Win2K server as regards the use of it as a NAT router?  Current software config for performing NAT routing, in addition to a stick-drawing in ASCII characters of how this piece of your network will help a lot in giving you an answer.
0
userlinuxAuthor Commented:
Two nics, one internal one outside, DHCP running, DNS running and Routing remote acces-NAT all on one win 2000 server.

Clients are recieving DHCP address from 2000, but no internet, Firewall is Black ICE which I do have acess to all internal addresses 192.168.0.1 thru 192.168.0.254 even tried disabling.

I had internet last night for a while now this morning can't get IP. I tried using DHCP in NAT-no luck that is why I configured 2000 DHCP.
0
userlinuxAuthor Commented:
Two nics, one internal one outside, DHCP running, DNS running and Routing remote acces-NAT all on one win 2000 server. running internal nic to Cisco 2924xl to 5 clients.

Clients are recieving DHCP address from 2000, but no internet, Firewall is Black ICE which I do have acess to all internal addresses 192.168.0.1 thru 192.168.0.254 even tried disabling.

I had internet last night for a while now this morning can't get IP. I tried using DHCP in NAT-no luck that is why I configured 2000 DHCP.
0
Redefine Your Security with AI & Machine Learning

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Check out our on-demand webinar to learn more about how AI can help your organization!

ShineOnCommented:
Do you get access if you disable Black ICE?

When you PING a URL at a client, does it resolve to an IP address?  Does it fail after resolving the address?  (to verify DNS forwarding is working...)

What is the default route/gateway setting on the clients?  It should be the private address of the Win2K box.
0
ShineOnCommented:
One thing you could do is pop a dumb hub into the circuit on each side, connect a PC to it, and run a packet analyzer like Ethereal, to see what is going in and out on both ends, so you can pinpoint the point of failure.
0
userlinuxAuthor Commented:
I can ping client and server. DHCP is working from server. I have also rejoined all clients to the domain.
0
ShineOnCommented:
You say you can ping client and server.  How about, for instance, www.experts-exchange.com?  Does that resolve to the IP address but you don't get a response, or does it not resolve?
0
ShineOnCommented:
Have you tested disabling Black ICE or not?  If you did, please say so.

Have you verified that the private IP of the server is your clients' default gateway?  Does the server have the ISP's router as its default gateway, with the public interface as the next-hop?

Please try to answer all the questions you get asked, so we know where we're at with troubleshooting this.  Thanks.
0
userlinuxAuthor Commented:
only can out side at server
0
ShineOnCommented:
userlinux, please answer the following questions, by number:

1)  Have you tried disabling Black ICE?  What is the result?

2)  Have you verified that the default gateways are set appropriately?

3)  Do you have your server's DNS server set to forward DNS from the DNS server your ISP gave you?

4)  Do you have any other Windows features enabled that could block ports, like the IP filtering, in addition to Black ICE?

5)  Can you post, in plain text with public IP addresses x-ed out, your NAT config and routing config from the server?

6)  Go to a command prompt and do a "route print" on the server and cut & paste the results (again with public addresses x-ed out)

7)  Also from the command prompt, do a "ipconfig /all" on the server and cut & paste the results (with public addresses x-ed out)

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
userlinuxAuthor Commented:
1. yes
2. yes
3. yes, from ipconfig /all
4. no
5. explain
6. Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\Documents and Settings\Administrator>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x1000003 ...00 04 76 f8 d0 fb ...... Broadcom NetXtreme Gigabit Ethernet Driv

0x1000004 ...00 c0 9f 1f ff 66 ...... Intel(R) PRO/1000 MT Network Connection
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       65.25.18.1     65.25.19.62       1
       65.25.18.0    255.255.254.0      65.25.19.62     65.25.19.62       1
      65.25.19.62  255.255.255.255        127.0.0.1       127.0.0.1       1
   65.255.255.255  255.255.255.255      65.25.19.62     65.25.19.62       1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
      192.168.0.0    255.255.255.0    192.168.0.101   192.168.0.101       1
    192.168.0.101  255.255.255.255        127.0.0.1       127.0.0.1       1
    192.168.0.255  255.255.255.255    192.168.0.101   192.168.0.101       1
        224.0.0.0        224.0.0.0      65.25.19.62     65.25.19.62       1
        224.0.0.0        224.0.0.0    192.168.0.101   192.168.0.101       1
  255.255.255.255  255.255.255.255      65.25.19.62     65.25.19.62       1
Default Gateway:        65.25.18.1
===========================================================================
Persistent Routes:
  None

C:\Documents and Settings\Administrator>

7. C:\Documents and Settings\Administrator>ipconfig /all

Windows 2000 IP Configuration

        Host Name . . . . . . . . . . . . : poweredge
        Primary DNS Suffix  . . . . . . . : hartman.com
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : Yes
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : hartman.com
                                            neo.rr.com

Ethernet adapter INTEL 1000 HARTMAN:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connect
ion
        Physical Address. . . . . . . . . : 00-C0-9F-1F-FF-66
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.0.101
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : 192.168.0.101

Ethernet adapter BEEP BEEP 3COM 1000:

        Connection-specific DNS Suffix  . : neo.rr.com
        Description . . . . . . . . . . . : 3Com 3C996B Gigabit Server NIC
        Physical Address. . . . . . . . . : 00-04-76-F8-D0-FB
        DHCP Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 65.25.19.62
        Subnet Mask . . . . . . . . . . . : 255.255.254.0
        Default Gateway . . . . . . . . . : 65.25.18.1
        DHCP Server . . . . . . . . . . . : 65.24.6.202
        DNS Servers . . . . . . . . . . . : 24.164.100.230
                                            24.164.100.234
                                            65.24.0.163
        Lease Obtained. . . . . . . . . . : Tuesday, December 02, 2003 9:16:30 A
M
        Lease Expires . . . . . . . . . . : Wednesday, December 03, 2003 9:16:30
 AM
0
anupnellipCommented:
In routing and remote access did u set static route
set static  route to 0.0.0.0 0.0.0.0 to your external adpter .
0
userlinuxAuthor Commented:
Please explain,
0
anupnellipCommented:
Well in your RRAS server , under IP routing you have a static route . Ok in that add new select your external interface , give the ip as 0.0.0.0 subnet mask as 0.0.0.0 and then set your default gateway . This will route any packet not in you subnet to the internet .
 I hope internet is working fine on the server ? This has to be working !!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.