Posted on 2004-09-26
Last Modified: 2010-04-10
I am working on a network here is the setup.
9 client machines
2 Windows Servers (1 - Windows 2000 Server, 1 - Windows 2000 Advanced Server)
The Windows 2000 Server, configured with 2 NiC cards, one as WAN and one as LAN is running DHCP, DNS, Active Directory, Exchange Server, WINS, and remote access. DHCP works, each of the client machines access and pull their IPs from this server.. Active Directory works, because my users I create login into the domain, Exchange Server is operational all users are getting email, remote access works, WINS i beleive is working as well, DNS seems to be working.
I've set the internetal IPS to be assigned starting at (researving to for servers and future expansion)
I've set the WAN connection and it is working correctly, I can access the internet from the server.
I've set the LAN connection as follows:
Prefered DNS:
Sec. DNS:
and under Advanced, I added the WINS server which is
The LAN connection leads to a hub which has all 9 client machines connected, as I said they can login and access shares, print, ect. but cannot access the internet.
When I attempt to PING from a client machine, it is unable to resolve host, but if I ping it works fine.
Also, my second server (Windows 2000 Advanced Server) is running on the network, but no AD is set up (I haven't been able to fully patch it) and I want to use it as a secondary domain controller.. but it can't access the intenet either and has only one NIC (which is fine, because I've assigned it IP: can be pinged from any client)
Here is the stats from a ipconfig /all command: EDITED OF COURSE!!!
Windows 2000 IP Configuration

        Host Name . . . . . . . . . . . . : server1
        Primary DNS Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : Yes
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . :

Ethernet adapter WAN:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI For Complete PC Management NIC(3C905C-TX)
        Physical Address. . . . . . . . . : MAC address
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : Static IP was here
        Subnet Mask . . . . . . . . . . . :
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : ISP DNS SERVER #1
                                            ISP DNS SERVER #2

Ethernet adapter LAN:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI For Complete PC Management NIC (3C905C-TX) #2
        Physical Address. . . . . . . . . : MAC address
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . :
        Subnet Mask . . . . . . . . . . . :
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . :
        Primary WINS Server . . . . . . . :

Any information would be greatly appreciated.

Question by:iwalmsley
  • 5
  • 4
  • 2
  • +1

Expert Comment

ID: 12154021
Hi, Ian

First of all your server has to be set as the DNS Forwarder, and point to the ISP DNS server.
You'll also need a reverasal lookup installed/ configure on the Server.

Then all client's must point their DNS to YOUR internal DNS server. By the way it also looke like the clinets do not have a default gateway in the DHCP Scope.

In the DHCP Scope choose router specify the address. If you don't know the address of that router then on the serve rwho has access to the internet do a tracert the first hopis the router address (default Gateway). insert into the DHCP Scope
LVL 79

Expert Comment

ID: 12154405
Also make sure that the clients have a default gateway set to
Are you using ISA, or NAT on the server? Is it set up properly?

Expert Comment

ID: 12154436
Why not start by finding out if it is a problem with DNS or with routing in general?
Go to a client machine and try pinging a known external ip address.

Google:  I can ping it.

If you can ping the address above, your DNS needs fixing. If you can't, then do as suggested above, check the default gateway being allocated to the clients.

Author Comment

ID: 12155900
>> You'll also need a reverasal lookup installed/ configure on the Server.

I beleive this is done already.

I just installed NAT on the server (as per the white paper from microsoft - "Connecting Your Network to the Internet" Not sure if it is set-up correctly because after I did what the Deployment Scenario said it was not working.

cccego2: I have done this as well, and when I ping the IP -- Request Timed out.

The default gateway is being allocated in my NIC Settings, and still nothing.

Hope this information.
LVL 79

Expert Comment

ID: 12156017
Can you post result of C:\>route print
From a test PC, not the server

Author Comment

ID: 12156058
Interface List
0x1 ........................... MS TCP Loopback interface
0x1000003 ...00 80 1e 16 df f1 ...... Realtek RTL8139/810x Family Fast Ethernet
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
       1       1       1       1       1       1       1
Default Gateway:
Persistent Routes:

there ya go!
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails


Author Comment

ID: 12156410
More information..
I installed ISA and it disabled more than it did anything and did not allow the clients to access the internet anyways. So I have uninstalled it again and we are back to the way I was before I started today.
I have upgraded the point value on this questions because I need to get this running ASAP.
I do not have NAT or ISA running but DNS And DHCP seem to be operational.
These are the only errors in my Event Log:
1. Unable to contact a DHCP server. The Automatic Private IP Address will be assigned to dial-in clients. Clients may be unable to access resources on the network.
2. DNS Server has updated its own host (A) records.  In order to insure that its DS-integrated peer DNS servers are able to replicate with this server, an attempt was made to update them with the new records through dynamic update.  An error was encountered during this update, the record data is the error code.
If this DNS server does not have any DS-integrated peers, then this error
should be ignored.
No other errors.. Again, everything but internet on client machines works. BTW.. the white paper I was refering to in my earlier comments, I tried that this morning when I got into the office, (installing a Internet Connection thru NAT) and all that -- That did not work either, that is why I tried ISA, which did not work either.

Accepted Solution

ccceqo2 earned 70 total points
ID: 12158647
Well, you are definitely going to need either NAT (in routing and remote access) or ISA set up. Reading your last post it sounds like you now have neither?
Also, it looks like that route print came from your other server? If this is right, would you be able to post a route print from a machine that is using DHCP?
I can't think of what might actually be wrong at the moment, but the above might help.
LVL 79

Expert Comment

ID: 12159244
Did you try the "how to" Microsoft article that I posted in my link?

Author Comment

ID: 12164437
I installed the NAT server I beleive correctly.
Now I have a slight different problem. Now only a few computer can access the internet.
4 of the 9 clients can access the internet.
I have left the settings blank in Connections in Internet Explorer, and checked and the server is issuing IPs to the other computers.
So the problem is partialy solved, but not all the way?
what's up now?
LVL 79

Assisted Solution

lrmoore earned 60 total points
ID: 12164534
Check output of
C:\>route print

Once from one of the 4 systems that have no problem
Once from one of the 5 systems that cannot

Look for differences between default gateway, subnet mask, dns nameserver, etc..

Author Comment

ID: 12166258
Thanks Guys!

I'm sure I'll have more questions, I just dont have any points!!!!

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Suggested Solutions

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
Join Greg Farro and Ethan Banks from Packet Pushers ( and Greg Ross from Paessler ( for a discussion about smart network …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now