?
Solved

Active Directory & Pix & DNS & Lost Connection

Posted on 2004-03-30
8
Medium Priority
?
286 Views
Last Modified: 2008-02-01
I'm having a weird problem right now with a setup at a business.

DSL > Pix 501 > win2k3SBS > Clients (win2k,xp,98)

Currently the win2k3 machine is hosting the DNS and is also the domain Controller.  The domain name is companyname.internal ....  so active directory did its thing and setup the dns server on the same machine.

The IP Address of the win2k3 machine is 192.168.5.3
The Gateway is 192.168.5.1 (Pix)
The DNS Server is 192.168.5.3

I checked the DNS Server on the win2k3 machine for the infamous "." zone and it wasn't there.  I also put my ISPs DNS Servers in the Forwarders

Right now the win2k3 machine is also the DHCP server and it's giving out client IPs in the form of

IP: 192.168.5.50 - 192.168.5.100
Gateway: 192.168.5.1
DNS: 192.168.5.3

Now - the entire internal network has been kind of flaky after the addition of the win2k3 machine.  It used to just be DSL > Pix > Clients and all was fine.

Now after joining the clients to the domain it seems like randomly they'll not be able to connect to the domain and also not be able to get any outside internet traffic.  They *always* have internal ip, ipconfig /renew/release always works, and they can ping anything on the internal network, just sometimes they'll say "Domain is not available" and hte like.  Now, the machines that are able to get onto the domain, every now and then for some random reason they'll lose internet connection.  what i mean is, you can do ping www.google.com and it'll resolve the IP through DNS for google, but all the requests will zero out... then suddenly it'll start working.  It's really strange.  I don't know if this is a pix problem (as it never happened before) or if this is b/c of the new win2k3 domain machine.  The win2k3SBS server has 5 CALs - they have 10 machines at this office, but 1/2 of them are just dummy machines that host UPS (shippers) printers and software, so i interpreted the CALs as user CALs.  Despite if this breaks any licensing agreements, would this be the reason the computers randomly lose connection?  are they fighting for licenses?  Is there a way to fix this by perhaps having the PIX give out the DHCP leases, so that only when the computer is trying to use the domain (shared drives) they fight for licenses?  It's just really mind boggling that the connection is in and out like that, one second they'll all be down, the next second they'll all be up, then later 1/3 will be up - it's just weird.

Any advice/suggestions would be nice.  I have an extra 5 pack of device CALs on the way to hopefully remedy this, but i'm doubtful that'll do it.

Thanks,
Nick
0
Comment
Question by:NickUA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 20

Expert Comment

by:Debsyl99
ID: 10718473
Hi
Sounds like it may well be a licensing problem given how intermittent the problems are - you need to rule this out asap really. Any errors logged in the server event logs at all and/or clients? Post as much detail as you can
Licensing Overview for reference
http://www.microsoft.com/windowsserver2003/howtobuy/licensing/caloverview.mspx

Deb :))

0
 
LVL 79

Expert Comment

by:lrmoore
ID: 10718877
How many user licenses on the PIX 501?
0
 
LVL 5

Expert Comment

by:visioneer
ID: 10719483
The PIX 501 only supports 10 concurrent connections with the default license.  You say you have 10 machines on the LAN.  Are you counting the server, too?  Make sure you're not at 11, because the PIX will start dropping connections until you either up the license or get rid of some machines. :-)

Also, make sure your PCs are configured to only look at the domain controller for DNS.  If you have any external ISP DNS servers in the TCP/IP configuration of the workstations, that will cause those PCs to lose connectivity to the domain.
0
Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

 
LVL 1

Author Comment

by:NickUA
ID: 10719691
is the pix 10 outgoing connections?  they have a few network printers - they shouldn't be online though.

Nick

how do i check the user licenses on the pix?  show version?
0
 
LVL 5

Expert Comment

by:visioneer
ID: 10719714
Yes, it is limited to 10 outbound connections.  The network printers shouldn't matter.

Yes, "show version" will show the license info.  "show conn" will show the concurrent connections.
0
 
LVL 1

Author Comment

by:NickUA
ID: 10721678
10 outgoing IPs aka 10 computers or 10 connections?  as in lets say 1 computer is checking email and browsing web at same time?  i'm assuming it's the simpler of the two.
0
 
LVL 5

Accepted Solution

by:
visioneer earned 1500 total points
ID: 10725569
10 hosts on the inside using the Internet through the PIX or getting their IPs from it via DHCP.
0
 
LVL 1

Author Comment

by:NickUA
ID: 10738692
okay - before i did the upgrade i did "show conn" and it said "10 current 10 most" or whatever the terminology is... then i did the upgrade and rebooted it and not 5min later i did "show conn" and it said like "14 current 21 max" or whatever...  they only have 14 computers?  i did some more tests and went crazy trying to connect to tons of things - it got up to 42 max...  now ...  i'm assuming the pix counts hosts as any outgoing connection on any port?  I didn't know this - i assumed it was per IP...  am i looking at the right info, everyone seems to be able to use the net now so they're happy, but if they're going to hit over 50 it's going to be a problem, and another 300$ upgrade i should have recommended...  am i accurate in this?

Thanks
0

Featured Post

WordPress Tutorial 3: Plugins, Themes, and Widgets

The three most common changes you will make to your website involve the look (themes), the functionality (plugins), and modular elements (widgets).

In this article we will briefly define each again, and give you directions on how to install them.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question