Solved

Windows 2003 DNS Revers and Forward Look up issue? not sure

Posted on 2004-09-14
15
686 Views
Last Modified: 2013-12-19
Ok I’m offering 250 points for this on as most of it I have had answered in http://www.experts-exchange.com/Networking/Q_21080974.html

We decided to go windows 2003.  So NOW  I find my self starting over. I can PING my client from the server. I  Cannot ping the server from the client.  I just assumed that because it was going one way and not the other that by default 2003 turns off ICMP services?

ANY WAY,

I think my Active Directory DHCP, DNS and stuff is set up correctly.  When I try to LOG into the domain on my CLINTE I get a pop up that says the computer could not be found.  ALSO on this one, if I enter the IP of the server in my DNS of the client I loose my internet connection.  THUS perhaps something wrong with my forwarding and reverse look up?

ON THE SERVER:
Ipconfig shows : Default server = myservername.mydnsname.local
                           Address = 192.168.1.200  (this is what I assighend it to be)

TCP/IP settings

IP = 192.168.1.200
Subnet=  255.255.255.0
Gateway = 192.168.1.2  (this the ip for our router)
DNS = 192.168.1.200  (pointing to its own IP as I did in 2000)

Went to DNS under admin tools:

Properties for the servername under forwards shows 2 ips  both are the DNS Ip’s from my ISP.

I CAN get on the net on the server.

Look at the Forward folder is where I am confused.  In 200 there was a “.” That I had to delete.  This is not the case in 2003.  THERE IS A NEW ONE how ever.

Here there is a folder called _msdcsaServername.local
 Inside are folders                  dc
                              Domains
                              Gc
                              Pdc
Then the normal folder        servername.altek
Inside here are folders                          _msdcs
                              _SITES
                              _TCP
                              _udp
                              DomainDnsZones
                              ForstDnsZones
                              TAPI3Directory

Reveres Look up zone shows folder   192.168.1.x subnet


Ok I need to get this client to find the server. I thought I was doing ok on my own from what I learned but fell on my butt.  

HELP where do we go next?

Tim
0
Comment
Question by:mrchaos101
  • 9
  • 6
15 Comments
 
LVL 20

Expert Comment

by:Debsyl99
Comment Utility
Hi Tim

Can you post an ipconfig /all from a client - if it's getting an ip/gateway etc from dhcp on the server, it may be that dhcp isn't working properly,

Deb :))

0
 
LVL 20

Expert Comment

by:Debsyl99
Comment Utility
Also on a client - try setting a static ip address - ie 192.168.1.x where x isn't assigned anywhere else - and manually enter your server dns ip, and gateway as 192.168.1.2 - you have joined the client to the domain yes? (Maybe you haven't-try it with these settings) - What's the client's os?
0
 
LVL 1

Author Comment

by:mrchaos101
Comment Utility

Windows IP Configuration

        Host Name . . . . . . . . . . . . : IT
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
        Physical Address. . . . . . . . . : 00-0C-76-90-B3-30
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.106
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.2
        DHCP Server . . . . . . . . . . . : 192.168.1.2
        DNS Servers . . . . . . . . . . . : 209.142.136.85
                                            209.142.169.250
        Lease Obtained. . . . . . . . . . : Tuesday, September 14, 2004 11:41:12
 AM
        Lease Expires . . . . . . . . . . : Friday, September 17, 2004 11:41:12
AM

On clinet it is set ot obtain all auto.. nomrlay I manualy asign the IPS. but I could nto get it to work with the server.

You should know there is another DOMAIN on the same net work. It is 2 totally diffretn domains though. On called AS (our old) and the one im playing with called ALTEK.



0
 
LVL 1

Author Comment

by:mrchaos101
Comment Utility
Clinet OS is XP PRO

I can make it work with a staic ip of 192.168.1.106   This is the ip that I plan to use with this PC.

the sub net maks and gateway are all fine

IF I enter my ISP DNS I get inter net. if i enter the SERVER IP as the DNS I loose internet.
0
 
LVL 1

Author Comment

by:mrchaos101
Comment Utility
As a side note the ipconfig /all on server shows NO for DHCP ENABELED.  If my understanindg is correct this should not matter when I try to do a STATIC ip on the client correct?
0
 
LVL 20

Expert Comment

by:Debsyl99
Comment Utility
Ah - your router's assigning dhcp by the looks of it - and it's assigning your isp's dns servers to the clients - they need to be the dc's ip address - that's why you can't find the server. Either assign a static and see if it works - then if you want to use dhcp - disable it on your router and set it up on your server instead,

Deb :))

0
 
LVL 1

Author Comment

by:mrchaos101
Comment Utility

Windows IP Configuration

        Host Name . . . . . . . . . . . . : IT
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
        Physical Address. . . . . . . . . : 00-0C-76-90-B3-30
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.1.106
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.2
        DNS Servers . . . . . . . . . . . : 209.206.199.16
                                            64.91.3.46
Here is new IPCONFIG /ALL from client.  I set it up as Static as you recomended.  How ever, if I put my SERVER IP in the DNS on the clinet I loos my isp. I still cannot PING the server. Funny thing is.. the server can ping my clinet and the the server can ping it's self.

Still confused here.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 20

Expert Comment

by:Debsyl99
Comment Utility
Hmm - Make sure you enable tcp/ip over netbios on the xlient and disable the internet connection firewall on the XP client if you haven't already. Set the static IP on the client as follows:

IP 192.168.1.106
Subnet Mask - 255.255.255.0
Default Gateway - 192.168.1.2
DNS Server - 192.168.1.200 (only entry) then try join the pc to the domain

Get it showing up ok in Active Directory users and computers, then we'll sort out the internet access maybe

Deb :))

0
 
LVL 1

Author Comment

by:mrchaos101
Comment Utility
I cannot get it to join the domain.  Those are the settings i used when using windows 2k but for some reason it isn't working 2k3.

I try to join and first box comes up that says cannot find an account for my computer.  I did go to the comptuers in the server and added the object so I know it is there.

Is it possable my PDC is set up wrong?

The clinet doesn't see the server at all... I cannot doa ping 192.168.1.200

NOW if im on the server a can pinb the clinte at 192.168.1.106 and ping it's self at 192.168.1.200.

I dont have the XP firewall running.
I only have TCP/IP protical installed being used.
0
 
LVL 20

Accepted Solution

by:
Debsyl99 earned 250 total points
Comment Utility
Hi

The fact that it says it cannot find an account for your computer is probably a good sign because it looks like its contacting the dc. Does it give you the opportunity to create an account? (Delete the account you made on the DC for now for this PC) If it does, create an account for the pc. For the dc, make sure that your forward lookup zone is ad-integrated (although it usually is by default) and is enabled for dynamic updates. Like I said I'm win2k - let me check it out on my new win2k3 test server (can't get near one right now) so this is just from prior experience. I'm at a conference all day tomorrow, but if you haven't had any further help I'll be back Thursday,

Deb :))
0
 
LVL 1

Author Comment

by:mrchaos101
Comment Utility
Ok thanks for the help... I have both the forward and revers set to update secure and non secure....

but what is bugging me bad is the fact  that I can ping any ip in the company from the server....  yet I cannot ping the server from any other computer.
0
 
LVL 1

Author Comment

by:mrchaos101
Comment Utility
Hmm... I used the wizzard to set up the DHCP, and DNS and AD and PDC..... perhaps the wizzard isn't a good idea.  Last time I did it al manualy.  Maybe I should format and reinstall and do it all by hand?
0
 
LVL 1

Author Comment

by:mrchaos101
Comment Utility
Well I fixed my problem..

After my last post I stayed last night to figur it out. The only thing diff between now and last time was the fact I used that damned wizzard.  I reformated and installed the OS.  THIS TIME, I manualy set up DNS and every thing else.

All of a sudden I could ping the server from the clinet and the clint could go through the server to get on the net.... tell sme the fowarding works as well.

SOOOO.... it makes me think the windows 2003 server set up wizzard is evil  <shruges>

Deb thanks for trying to help me out.  Im sure I will have more issues I cannot solve and I will be asking for help.

Tim
0
 
LVL 1

Author Comment

by:mrchaos101
Comment Utility
Seems DEB helped so much and so often, I am still awarding her the points for helping me out (in hopes she comes by agian when I have more problems hehheeh).

Thank you Kindly Deb.


Tim
0
 
LVL 20

Expert Comment

by:Debsyl99
Comment Utility
Hi Tim,

Thanks - but sorry I wasn't much help - I'd figured that there must have been a problem on the dns on the server (which is why you couldn't ping) but you've sorted it anyway - have just got back from my gruelling conference. Give me a couple of months to get properly up to speed with the quirks of 2k3, but will always help where I can. Useful to know though that on this occasion the wizard isn't such a wizard after all,

Best wishes

Deb :))
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

FIPS stands for the Federal Information Processing Standardisation and FIPS 140-2 is a collection of standards that are generically associated with hardware and software cryptography. In most cases, people can refer to this as the method of encrypti…
Sometimes you might need to configure routing based not only on destination IP address, but also on a combination of destination IP address (or hostname) and destination port number. I will describe a method how to accomplish this with free tools. …
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now