Paul Burrows
asked on
Cisco 837 router added then clients are unable to resolve DNS
When I am at the Small Business Server 2003 with two NICS, one for internet through ISA and one for local network, and I type "ping bbc.com" the server resolves the address and shows the results of the ping. When I am at a client on the network the dns name does not resolve to the ip address and I get the message "ping request could not find host bbc.com......".
I am unsure what to change as the client can actually ping the site if I enter the ip address as obtained from the server.
Any idea what I need to do?
The only change is a cisco 837 router I added to the network. I had no problem with the previous router.
The cisco configuration follows:
service timestamps debug datetime msec
service timestamps log datetime msec
ip subnet-zero
!
hostname Cisco837
!
clock timezone NZST 12
clock summer-time NZST recurring 1 Sun Oct 3:00 3 Sun Mar 2:00
ip subnet-zero
!
interface ethernet0
ip address 192.168.0.1 255.255.255.0
ip nat inside
no ip directed-broadcast
!
interface atm0
no ip address
no ip directed-broadcast
no ip mroute-cache
pvc 0/100
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
interface dialer1
ip address xxx.xxx.xxx.xxx 255.255.255.0
no ip directed-broadcast
ip nat outside
encapsulation ppp
dialer pool 1
ppp chap hostname XXXXXX@xtra.co.nz
ppp chap password xxxxxx
ppp pap sent-username xxxxxx@xtra.co.nz password xxxxxx
!
!
ip nat inside source list 1 interface dialer1 overload
ip nat inside source static tcp 192.168.0.2 21 interface dialer1 21
ip nat inside source static tcp 192.168.0.2 25 interface dialer1 25
ip nat inside source static tcp 192.168.0.2 80 interface dialer1 80
ip nat inside source static tcp 192.168.0.2 110 interface dialer1 110
ip nat inside source static udp 192.168.0.2 123 interface dialer1 123
ip nat inside source static tcp 192.168.0.2 143 interface dialer1 143
ip nat inside source static tcp 192.168.0.2 220 interface dialer1 220
ip nat inside source static tcp 192.168.0.2 443 interface dialer1 443
ip nat inside source static tcp 192.168.0.2 444 interface dialer1 444
ip nat inside source static tcp 192.168.0.2 500 interface dialer1 500
ip nat inside source static tcp 192.168.0.2 1701 interface dialer1 1701
ip nat inside source static tcp 192.168.0.2 1723 interface dialer1 1723
ip nat inside source static tcp 192.168.0.2 3389 interface dialer1 3389
ip nat inside source static tcp 192.168.0.2 4125 interface dialer1 4125
ip nat inside source static tcp 192.168.0.2 4500 interface dialer1 4500
ip classless
ip route 0.0.0.0 0.0.0.0 dialer1
no ip http server
!
access-list 1 permit 192.168.0.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
end
I am unsure what to change as the client can actually ping the site if I enter the ip address as obtained from the server.
Any idea what I need to do?
The only change is a cisco 837 router I added to the network. I had no problem with the previous router.
The cisco configuration follows:
service timestamps debug datetime msec
service timestamps log datetime msec
ip subnet-zero
!
hostname Cisco837
!
clock timezone NZST 12
clock summer-time NZST recurring 1 Sun Oct 3:00 3 Sun Mar 2:00
ip subnet-zero
!
interface ethernet0
ip address 192.168.0.1 255.255.255.0
ip nat inside
no ip directed-broadcast
!
interface atm0
no ip address
no ip directed-broadcast
no ip mroute-cache
pvc 0/100
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
interface dialer1
ip address xxx.xxx.xxx.xxx 255.255.255.0
no ip directed-broadcast
ip nat outside
encapsulation ppp
dialer pool 1
ppp chap hostname XXXXXX@xtra.co.nz
ppp chap password xxxxxx
ppp pap sent-username xxxxxx@xtra.co.nz password xxxxxx
!
!
ip nat inside source list 1 interface dialer1 overload
ip nat inside source static tcp 192.168.0.2 21 interface dialer1 21
ip nat inside source static tcp 192.168.0.2 25 interface dialer1 25
ip nat inside source static tcp 192.168.0.2 80 interface dialer1 80
ip nat inside source static tcp 192.168.0.2 110 interface dialer1 110
ip nat inside source static udp 192.168.0.2 123 interface dialer1 123
ip nat inside source static tcp 192.168.0.2 143 interface dialer1 143
ip nat inside source static tcp 192.168.0.2 220 interface dialer1 220
ip nat inside source static tcp 192.168.0.2 443 interface dialer1 443
ip nat inside source static tcp 192.168.0.2 444 interface dialer1 444
ip nat inside source static tcp 192.168.0.2 500 interface dialer1 500
ip nat inside source static tcp 192.168.0.2 1701 interface dialer1 1701
ip nat inside source static tcp 192.168.0.2 1723 interface dialer1 1723
ip nat inside source static tcp 192.168.0.2 3389 interface dialer1 3389
ip nat inside source static tcp 192.168.0.2 4125 interface dialer1 4125
ip nat inside source static tcp 192.168.0.2 4500 interface dialer1 4500
ip classless
ip route 0.0.0.0 0.0.0.0 dialer1
no ip http server
!
access-list 1 permit 192.168.0.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
end
Go to a command prompt (Start, Run, CMD) on both the server and the workstations. Type "ipconfig /all" and compare the DNS server entries. Make sure they are the same on both. If running a DHCP server, check to make sure it is handing out the correct DNS server addresses to your clients. Nothing on the router should be blocking DNS lookups.
to make it work, then you need to enable dns forward and reverse.
It doesn't look like the 837 is providing DHCP services, so, with that said, do an IPCONFIG /ALL and make sure you have DNS server entries. If you are running DHCP, you should add the appropriate DNS servers in the Scope options.
ASKER
I have traced the problem to the SBS2000 Firewall Client on the specific client computer. The client was set to "Automatically detect ISA server" and when I took this option off and simply named the NETBIOS name of the server the DNS started resolving again.
Weird.
Weird.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.