Active Directory & Pix & DNS & Lost Connection

I'm having a weird problem right now with a setup at a business.

DSL > Pix 501 > win2k3SBS > Clients (win2k,xp,98)

Currently the win2k3 machine is hosting the DNS and is also the domain controller. The domain name is companyname.internal .... so Active Directory did its thing and set up the DNS server on the same machine.

The IP Address of the win2k3 machine is 192.168.5.3
The Gateway is 192.168.5.1 (Pix)
The DNS Server is 192.168.5.3

I checked the DNS Server on the win2k3 machine for the infamous "." zone and it wasn't there. I also put my ISP's DNS Servers in the Forwarders.

Right now the win2k3 machine is also the DHCP server and it's giving out client IPs in the form of

IP: 192.168.5.50 - 192.168.5.100
Gateway: 192.168.5.1
DNS: 192.168.5.3

Now - the entire internal network has been kind of flaky after the addition of the win2k3 machine.  It used to just be DSL > Pix > Clients and all was fine.

Now after joining the clients to the domain it seems like randomly they'll not be able to connect to the domain and also not be able to get any outside internet traffic. They *always* have internal ip, ipconfig /renew/release always works, and they can ping anything on the internal network, just sometimes they'll say "Domain is not available" and the like. Now, the machines that are able to get onto the domain, every now and then for some random reason they'll lose internet connection. What I mean is, you can do ping www.google.com and it'll resolve the IP through DNS for google, but all the requests will zero out... then suddenly it'll start working. It's really strange. I don't know if this is a pix problem (as it never happened before) or if this is b/c of the new win2k3 domain machine. The win2k3SBS server has 5 CALs - they have 10 machines at this office, but 1/2 of them are just dummy machines that host UPS (shippers) printers and software, so I interpreted the CALs as user CALs. Despite if this breaks any licensing agreements, would this be the reason the computers randomly lose connection? Are they fighting for licenses? Is there a way to fix this by perhaps having the PIX give out the DHCP leases, so that only when the computer is trying to use the domain (shared drives) they fight for licenses? It's just really mind-boggling that the connection is in and out like that, one second they'll all be down, the next second they'll all be up, then later 1/3 will be up - it's just weird.

Any advice/suggestions would be nice. I have an extra 5 pack of device CALs on the way to hopefully remedy this, but I'm doubtful that'll do it.

Thanks,
Nick

visioneer commented:
10 hosts on the inside using the Internet through the PIX or getting their IPs from it via DHCP.

Debsyl99 commented:
Hi
Sounds like it may well be a licensing problem given how intermittent the problems are - you need to rule this out asap really. Any errors logged in the server event logs at all and/or clients? Post as much detail as you can
Licensing Overview for reference
http://www.microsoft.com/windowsserver2003/howtobuy/licensing/caloverview.mspx

Deb :))

lrmoore commented:
How many user licenses on the PIX 501?

visioneer commented:
The PIX 501 only supports 10 concurrent connections with the default license.  You say you have 10 machines on the LAN.  Are you counting the server, too?  Make sure you're not at 11, because the PIX will start dropping connections until you either up the license or get rid of some machines. :-)

Also, make sure your PCs are configured to only look at the domain controller for DNS.  If you have any external ISP DNS servers in the TCP/IP configuration of the workstations, that will cause those PCs to lose connectivity to the domain.
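
One way to check that advice on a workstation, as an added example that is not part of the original thread: the Python below parses pasted `ipconfig /all` output and reports any adapter whose DNS list contains a server other than the domain controller. It assumes English-language `ipconfig` output; the sample text and the address 203.0.113.53 (standing in for an ISP resolver) are constructed.

```python
import ipaddress
import re

DC_DNS = {"192.168.5.3"}  # domain controller / DNS server named in the question

# Constructed `ipconfig /all` excerpt; 203.0.113.53 stands in for an ISP resolver.
SAMPLE = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : companyname.internal
   IP Address. . . . . . . . . . . . : 192.168.5.52
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.5.1
   DHCP Server . . . . . . . . . . . : 192.168.5.3
   DNS Servers . . . . . . . . . . . : 192.168.5.3
                                       203.0.113.53
"""

DNS_LINE = re.compile(r"^\s+DNS Servers[ .]*:\s*(\S+)\s*$")

def _ip(token):
    """Return the normalised address, or None if token is not an IP."""
    try:
        return str(ipaddress.ip_address(token))
    except ValueError:
        return None

def dns_servers(text):
    """Map each adapter heading to the DNS servers listed under it."""
    result, adapter, collecting = {}, None, False
    for line in text.splitlines():
        # Adapter headings start in column 0 and end with a colon.
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            adapter, collecting = line.rstrip().rstrip(":"), False
            result[adapter] = []
            continue
        m = DNS_LINE.match(line)
        # Extra servers follow on indented lines holding only an address.
        token = m.group(1) if m else (line.strip() if collecting else "")
        ip = _ip(token)
        collecting = bool(ip and adapter)
        if collecting:
            result[adapter].append(ip)
    return result

def stray_dns(text, allowed=DC_DNS):
    """Adapters that list any DNS server outside the allowed set."""
    found = {a: [s for s in v if s not in allowed] for a, v in dns_servers(text).items()}
    return {a: v for a, v in found.items() if v}

if __name__ == "__main__":
    print(stray_dns(SAMPLE))
```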

NickUA (author) commented:
Is the pix 10 outgoing connections? They have a few network printers - they shouldn't be online though.

Nick

How do I check the user licenses on the pix? show version?

visioneer commented:
Yes, it is limited to 10 outbound connections.  The network printers shouldn't matter.

Yes, "show version" will show the license info.  "show conn" will show the concurrent connections.

NickUA (author) commented:
10 outgoing IPs aka 10 computers or 10 connections? As in let's say 1 computer is checking email and browsing web at same time? I'm assuming it's the simpler of the two.

NickUA (author) commented:
Okay - before I did the upgrade I did "show conn" and it said "10 current 10 most" or whatever the terminology is... then I did the upgrade and rebooted it and not 5min later I did "show conn" and it said like "14 current 21 max" or whatever... they only have 14 computers? I did some more tests and went crazy trying to connect to tons of things - it got up to 42 max... now ... I'm assuming the pix counts hosts as any outgoing connection on any port? I didn't know this - I assumed it was per IP... am I looking at the right info, everyone seems to be able to use the net now so they're happy, but if they're going to hit over 50 it's going to be a problem, and another 300$ upgrade I should have recommended... am I accurate in this?

Thanks