Solved

Active Directory & Pix & DNS & Lost Connection

Posted on 2004-03-30
Last Modified: 2008-02-01
I'm having a weird problem right now with a setup at a business.

DSL > Pix 501 > win2k3SBS > Clients (win2k,xp,98)

Currently the win2k3 machine is hosting the DNS and is also the domain controller.  The domain name is companyname.internal ....  so active directory did its thing and set up the dns server on the same machine.

The IP Address of the win2k3 machine is 192.168.5.3
The Gateway is 192.168.5.1 (Pix)
The DNS Server is 192.168.5.3

I checked the DNS Server on the win2k3 machine for the infamous "." zone and it wasn't there.  I also put my ISP's DNS Servers in the Forwarders.

Right now the win2k3 machine is also the DHCP server and it's giving out client IPs in the form of

IP: 192.168.5.50 - 192.168.5.100
Gateway: 192.168.5.1
DNS: 192.168.5.3

Now - the entire internal network has been kind of flaky after the addition of the win2k3 machine.  It used to just be DSL > Pix > Clients and all was fine.

Now after joining the clients to the domain it seems like randomly they'll not be able to connect to the domain and also not be able to get any outside internet traffic.  They *always* have internal ip, ipconfig /renew/release always works, and they can ping anything on the internal network, just sometimes they'll say "Domain is not available" and the like.  Now, the machines that are able to get onto the domain, every now and then for some random reason they'll lose internet connection.  what i mean is, you can do ping www.google.com and it'll resolve the IP through DNS for google, but all the requests will zero out... then suddenly it'll start working.  It's really strange.  I don't know if this is a pix problem (as it never happened before) or if this is b/c of the new win2k3 domain machine.  The win2k3SBS server has 5 CALs - they have 10 machines at this office, but 1/2 of them are just dummy machines that host UPS (shippers) printers and software, so i interpreted the CALs as user CALs.  Despite if this breaks any licensing agreements, would this be the reason the computers randomly lose connection?  are they fighting for licenses?  Is there a way to fix this by perhaps having the PIX give out the DHCP leases, so that only when the computer is trying to use the domain (shared drives) they fight for licenses?  It's just really mind boggling that the connection is in and out like that, one second they'll all be down, the next second they'll all be up, then later 1/3 will be up - it's just weird.

Any advice/suggestions would be nice.  I have an extra 5 pack of device CALs on the way to hopefully remedy this, but i'm doubtful that'll do it.

Thanks,
Nick

Question by:NickUA
8 Comments

Expert Comment

by:Debsyl99
Hi
Sounds like it may well be a licensing problem given how intermittent the problems are - you need to rule this out asap really. Any errors logged in the server event logs at all and/or clients? Post as much detail as you can
Licensing Overview for reference
http://www.microsoft.com/windowsserver2003/howtobuy/licensing/caloverview.mspx

Deb :))

Expert Comment

by:lrmoore
How many user licenses on the PIX 501?

Expert Comment

by:visioneer
The PIX 501 only supports 10 concurrent connections with the default license.  You say you have 10 machines on the LAN.  Are you counting the server, too?  Make sure you're not at 11, because the PIX will start dropping connections until you either up the license or get rid of some machines. :-)

Also, make sure your PCs are configured to only look at the domain controller for DNS.  If you have any external ISP DNS servers in the TCP/IP configuration of the workstations, that will cause those PCs to lose connectivity to the domain.

Author Comment

by:NickUA
is the pix 10 outgoing connections?  they have a few network printers - they shouldn't be online though.

Nick

how do i check the user licenses on the pix?  show version?

Expert Comment

by:visioneer
Yes, it is limited to 10 outbound connections.  The network printers shouldn't matter.

Yes, "show version" will show the license info.  "show conn" will show the concurrent connections.

Author Comment

by:NickUA
10 outgoing IPs aka 10 computers or 10 connections?  as in lets say 1 computer is checking email and browsing web at same time?  i'm assuming it's the simpler of the two.

Accepted Solution

by:visioneer
10 hosts on the inside using the Internet through the PIX or getting their IPs from it via DHCP.

Author Comment

by:NickUA
okay - before i did the upgrade i did "show conn" and it said "10 current 10 most" or whatever the terminology is... then i did the upgrade and rebooted it and not 5min later i did "show conn" and it said like "14 current 21 max" or whatever...  they only have 14 computers?  i did some more tests and went crazy trying to connect to tons of things - it got up to 42 max...  now ...  i'm assuming the pix counts hosts as any outgoing connection on any port?  I didn't know this - i assumed it was per IP...  am i looking at the right info, everyone seems to be able to use the net now so they're happy, but if they're going to hit over 50 it's going to be a problem, and another 300$ upgrade i should have recommended...  am i accurate in this?

Thanks
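
The accepted answer says the PIX limit counts inside hosts, while "show conn" reports individual connections. The following is an added example, not part of the original thread, that tallies both from a connection listing. The sample lines are constructed, the line layout is an assumption modelled on "show conn" output, and the function name `summarize` is hypothetical.

```python
import re
from collections import Counter

# Constructed sample. The line layout is an assumption modelled on
# PIX "show conn" output; addresses are documentation ranges plus the
# 192.168.5.x LAN described in the question.
SAMPLE_SHOW_CONN = """\
7 in use, 21 most used
TCP out 203.0.113.10:80 in 192.168.5.51:1034 idle 0:00:05 Bytes 1420 flags UIO
TCP out 203.0.113.10:80 in 192.168.5.51:1035 idle 0:00:07 Bytes 980 flags UIO
TCP out 198.51.100.25:110 in 192.168.5.51:1040 idle 0:00:02 Bytes 312 flags UIO
TCP out 203.0.113.80:443 in 192.168.5.52:2211 idle 0:01:10 Bytes 5530 flags UIO
UDP out 198.51.100.53:53 in 192.168.5.3:1029 idle 0:00:01 flags d
TCP out 203.0.113.10:80 in 192.168.5.52:2212 idle 0:00:09 Bytes 760 flags UIO
TCP out 198.51.100.25:25 in 192.168.5.3:3301 idle 0:00:30 Bytes 2048 flags UIO
"""

# One connection entry: protocol, outside ip:port, inside ip:port.
CONN_RE = re.compile(
    r"^(?P<proto>TCP|UDP)\s+out\s+(?P<out_ip>[\d.]+):(?P<out_port>\d+)\s+"
    r"in\s+(?P<in_ip>[\d.]+):(?P<in_port>\d+)\b"
)


def summarize(text, host_limit):
    """Count connections and distinct inside hosts in a connection listing.

    host_limit is the licensed number of inside hosts (10 on the
    default PIX 501 license, per the thread).
    """
    per_host = Counter()
    for line in text.splitlines():
        match = CONN_RE.match(line.strip())
        if match:  # skips the "N in use, M most used" header and blanks
            per_host[match.group("in_ip")] += 1
    return {
        "connections": sum(per_host.values()),
        "inside_hosts": len(per_host),
        "over_limit": len(per_host) > host_limit,
        "per_host": dict(per_host),
    }


if __name__ == "__main__":
    result = summarize(SAMPLE_SHOW_CONN, host_limit=10)
    print(f"{result['connections']} connections from "
          f"{result['inside_hosts']} inside hosts")
    for ip, count in sorted(result["per_host"].items()):
        print(f"  {ip}: {count}")
```

On the sample, seven connections come from only three inside hosts, so a connection count above the license number does not by itself mean the host limit is exceeded.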