Solved

Need help setting up a home network lab for mcse training

Posted on 2004-10-29
574 Views
Last Modified: 2010-03-18
Here is my situation.  I have dsl physically connected to a wireless router.  I have a windows 2000 server with two nic cards.  One is physically connected to the wireless router for internet access, the second is connected to a hub.  I have 3 clients connected to the hub-WinNT, Win 2K, and XP Pro.  I want to setup a "true" domain for training.  I want to setup DNS and DHCP on the server, I want to setup a firewall(I assume it should be set on the nic that is connected to the wireless router)  I was thinking of setting up a stand alone DNS/DHCP server?  What is the best way to go about this entire setup?  Specifically, what do I setup first?  DNS, DHCP, the firewall?  Do I create my own subnet?  Will the wirelss router mess up my domain?  Should I create static ip's on my nic cards for the clients?  Also, how do I get internet to work through the clients?  ICS.  My biggest objective is to make this 4 pc setup as true to a real world domain as possible.  Help is appreciated.
0
Question by:JPJP
    28 Comments
     
    LVL 104

    Expert Comment

    by:Sembee
    Closest to a real world as possible?

    First. Remove or disable the second network card in the server. I never use a Windows 200x server as a router.
    Don't use ICS. It is a pile of poo and has no place in a business environment of above 2 machines.

    Next, connect everything to the router. This may mean some recabling so that the hub is also connected to the router. All machines need to be able to see and ping the router.

    Get the router's internal IP address and keep a note of it. Then disable DHCP on the router.
    As a side note, I always put the gateway (the router IP address) as .254 - 192.168.11.254. The server then goes on .1

    Install Windows 2000 server, add DHCP and DNS to the server. Configure the server with a static IP address. The gateway is the IP address of the router. The DNS will be its own IP address.
    Configure DHCP to issue DNS as ONLY the server. The gateway as the router.
    Setup the domain (not telling you how to do that if you are studying).
    Add the machines to the domain (as above).

    Simon.
    0
     

    Author Comment

    by:JPJP
    How do I find out the router address range?  Do I have to install the netgear software on the 2kserver?  Do I connect everything to the router exzcept the clients?  Do I run the clients through the hub?  Its a 4 port router and a 4 port hub.
    0
     
    LVL 104

    Expert Comment

    by:Sembee
    Most routers will have DHCP enabled by default - therefore all I would do is plug a machine with a DHCP enabled network card in to the router and wait for the IP address information to be allocated.
    Once that has happened, use ipconfig to find out the gateway address and then use the web browser interface to configure the router. There should be no reason to use the Netgear software (unless they have removed the web interface).

    Once you have connected the router and the hub together then you can plug devices in to either of them.
    Look at the hub to see if it has a special cross over port, this will allow you to use a normal network cable to connect them. What I would say though is to put the machines that are high traffic in to the same device.

    For example, on my home network I have a 4 port router and a 5 port mini switch. In the router is my Exchange server (which also serves as a file and web server) plus my primary workstation. Those are the two machines I use most.
    In the switch is everything else, wireless access point, print server, test machines etc.

    Simon.
    0
     

    Author Comment

    by:JPJP
    Well, I tried to set this up and now I have phone service but cant hit the internet.  The way my setup works now is, I have my Cable/DSL modemconnected to my vonage voice over ip box, then I have this box connected to my router.  I have my 2k server connected to one of the ports on the router, and my 4 port hub connected to a second port on the router.  I will worry about connecting client pcs to my network later on.  Basically, I want to have 4 computers that can be setup in this domain and 3 of the 4 to use DNS and DHCP from the 2k server.  I aslo have 2 laptops(which will not be part of the domain)  wireless laptops.  I want all computers whether in the domain or not to be able to access the internet, but I want the computers in the domain to use DNS/DHCP from the 2k server not from the router.  I'm lost on how to do that.  SHould I setup my ip's in my domain with 10.0.0.x so the router does not confuse the domain with my cable companies domain?  Can a router even do this?  Im asking the router to provide internet access to both domain and workgroup computers, under different dns/dhcp servers and different subnets?  Also, is my gateway going to be the ip of my voip because that is the first device connected to the dsl modem?  One thing that might make this a little easier is the 2 laptops that I also want internet access for are both wireless.
    0
     
    LVL 104

    Expert Comment

    by:Sembee
    What configuration changes have you made to the router? If non, then I would plug a machine in to the router - possibly a laptop or something, configured for DHCP and see what address is issued.
    The router should be able to do NAT - that is what most routers do. This is where a single IP address is shared by mutiple machines.
    The gateway address is usually the internal LAN address of the router. The router then sorts the rest out.
    You need to confirm that the traffic is flowing first - once you have the internal IP address set, you can disable DHCP on the router.

    You can then think about configuring your internal network. DHCP and DNS is very easy to setup, just follow the wizards. Set DNS to be the internal IP address of the server. The gateway address is the router's internal address.
    That should be it.

    IP address choice is yours. 10.x.x.x is perfectly valid. You could also use 192.168.x.x - but don't use 192.168.0.x or 192.168.1.x as that is what everyone else uses.

    Simon.
    0
     

    Author Comment

    by:JPJP
    Here is my current configuration.  I have the dsl plugged into the router, I have my 2kserver with a nic card plugged into the router, I have a second nic card on my 2k server plugged into a hub.  The router has DHCP enables on it.  My laptop outside of the network have no problem hitting the internet.  If I try and disable DHCP on the router, no computer can get internet access.  When I try to go into the w2k configure your server wizard, It already thinks DHCP is setup using the ip address of the nic connected to the router 192.168.0.4.  If I try to delete this and reopen the box, its back in there.  I want the second nic card on my server 10.0.0.1 to be the DNS/DHCP server for all clients I will hook up through the hub, but I cant get the system to get rid of the dhcp as using the router.  The router does have nat enabled automatically, which doesn't concern me.
    0
     
    LVL 104

    Expert Comment

    by:Sembee
    Forget about using the configure server wizard. Configure the network directly. Start, Settings, Network Connections. This should allow you to configure the network settings the way that you want.

    You said at the start that you wanted to simulate what is in a corporate environment. Having a server operate as a router is not the normal way of working. The router needs to handle all the traffic.
    As it currently stands you are using the server as a router. The cabling arrangement needs to be adjusted as I have outlined above. This includes using only one of the network cards - the other needs to be disabled or removed.

    If you are going to be changing the cabling, you could leave DHCP enabled on the router to test it. Once the cabling is sorted, disable DHCP on the router and use DHCP from the server, making sure that it gives out the correct information including the IP address of the router as the gateway.

    Simon.
    0
     

    Author Comment

    by:JPJP
    When I try to disable dhcp on the router, my voice over ip and my laptops outside of the domain lose internet connectivity.  I want the server to manage dhcp and dns to my clients and I want the router to manage internet connectivity for my computer that will not be in the domain.  Thats why I had the hub connected to my second nic card and I was trying to setup dhcp/dns on that card.
    0
     
    LVL 104

    Expert Comment

    by:Sembee
    The problem you have is that the configuration you currently have is not one that is seen inside any corporate environments. VOIP devices will be found internally, running as the PBX system.
    Have you enabled DHCP on the server to see if it works in the way I have outlined - ie without the VOIP or other complications?

    Simon.
    0
     

    Author Comment

    by:JPJP
    OK.  Heres the latest.  I reset up everything.

                                                             DSL-------Router(4 Port)

                                           All of these devices are plugged directly into the router                        

            W2K Advanced Server             Vonage Voice over IP           4 port hub               Empty

    I also have 2 laptops that connect to the router through wireless.  These are both set to obtain an ip automatically and obtain dns server automatically.  My 2kserver is in a workgroup, I have not promoted it to a dc yet, it is also currently obtaining an ip and dns servers automatically.  Also, I have disables the 2nd nic card in my server for now.The router is set to get an internet ip and domain dns automatically from the ISP(default), and I have the router setup to use router as dhcp server for ip range of 192.168.0.2-192.168.0.20.  My routers ip is 192.168.0.1.

    How should I configure this for the best "{network administration" "mcse" training?  I have been  told to use 2 nics in the server, I have been told to let the router handle all traffic.  The reason I wanted to setup dns/dhcp on my server is for training purposes.  Dont I have to have DNS enabled on my server to implement active directory?  I want to setup a domain with the server as a dc and my clients through the hub as my testing domain.  THe wireless laptops will not be part of my domain.  Ideally, what I wanted was my domain to use 10.0.0.x addresses so not to be confused with the router and use the routers ip as the gateway, BUTTTTTTT, people have advised me to not do this.  My other issues was when I tried to enable DHCP on the server(The first time) it was pointing to the wrong nic card and basically shot down all my internet connections.  Now I have a functional setup and will not proceed until I know I am setting this up properly.  Help is appreciated.

     
    0
     
    LVL 104

    Expert Comment

    by:Sembee
    Now you have a working setup, it is farily easy to switch to running in a domain.
    The two laptops that will not be part of the domain can still use the DC for DHCP and DNS - Windows doesn't really care in that respect. My laptop goes on to client networks with no problem.

    First - I would get the server working correctly.
    Install DNS, install DHCP and anything else that you need to add.
    You will need to change the server to a static IP address, this will have to be something outside of the DHCP range of the router. 192.168.0.100 or something like that.
    Enter the router's IP address as the default gateway. You should point DNS back to itself (ie the same IP address that you have just given it). This will break browsing the internet until DNS has been installed.

    Then DCPROMO it to create the domain. Follow the wizard to let it create the DNS settings etc. Reboot when prompted.
    Before you go any further, check to see if you can browse the internet from the server. If not, then that should be resolved before you continue (post back if need be). The other machines are still working on the old settings.

    Once browsing is working on the server, using itself for DNS information, you can configure DHCP. You will need to configure the following options as well as the scope.
    003 Router (IP address of the router)
    005 Name Servers (IP address of the Windows server ONLY).
    006 DNS Servers (IP address of the Windows server ONLY).
    015 Domain name (your domain name: domain.com or whatever).

    Activate it and disable DHCP on the router.
    Either reboot or run the command
    ipconfig /release
    then
    ipconfig /renew
    on one of the client machines. It should get an IP address from the server. Check that it can browse the internet.
    If it can browse you can then think about adding these machines to the domain. Repeat the above command on other machines connected to the network, including machines that will not be part of the domain.

    That is a very simple network, how mine home network is setup, and a scaled down version of how most smaller business networks are setup.

    Why you were told to do it any other way is beyond me.

    Simon.
    0
     

    Author Comment

    by:JPJP
    A couple of questions before I advance.

    1.  Can I use any static ip I like?  10.0.0.x for example.
    2.  Do I install DNS/DHCP from the configure your server wizard?
    3.  If I disable dhcp on the router, will this have any effect on pc's that are outside of the domain?
    4.  Do I have to setup scopes?

    0
     
    LVL 104

    Expert Comment

    by:Sembee
    Answers....

    1. Not quite any you like. 10.0.0.x is one that will work, as is 192.168.x.x
    I would steer clear of using 192.168.0.x and 192.168.1.x as everyone+dog uses them.
    Whichever range you use must be the third digit must be the same - 192.168.99.x - on all devices, including the LAN interface on the router.
    Use the subnet mask of 255.255.255.0 and you will not go wrong.

    2. Not a great lover of the wizards. You can use them.
    However I usually close them then use Add/Remove Programs, Add/Remove Windows components to add the bits I need, the start the applets and work through them.
    3. After you have configured DNS and DHCP on the router - no. They will get the same information as the domain clients, which is perfectly OK.
    4. Yes. Step through the new scope wizard and will ask you for the information you need. It will ask for WINS, but if you don't have any Windows 9x or NT machines, you can leave that blank.

    Simon.
    0
     

    Author Comment

    by:JPJP
    I tried to follow the instructions above 11/10 9:42 comment, but I could not get out on the internet.  My 2k server has an ip of 10.0.0.1, I also setup the 003, 005, 006, 015 settings for the domain controller.  DHCP shows active on the server, when I do an ipconfig /all ny system shows dhcp enables-no.  It looks like you said 10.0.0.x will work as an ip for the server, but I was wondering if I have to setup an ip so they are both on the same subnet mask?  Also, what settings within the netgear routewr do I have to configure(point it to the  2k server, etc...) for it to recognize the server as dhcp and dns and let the server do the work?  Sembee, If I could I'd give you more that 500 points.  I appreciate the help
    0
     
    LVL 104

    Expert Comment

    by:Sembee
    The server must have a static IP address. Thus doing ipconfig /all and seeing NO for DHCP is correct.
    Therefore you will need to configure the network address settings by hand.

    IP Address: 10.0.0.1
    Subnet: 255.255.255.0
    Default Gateway 10.0.0.254

    DNS Primary: 10.0.0.1
    DNS Secondary <blank>

    Above is presuming that your server is on 10.0.0.1 and the router's LAN IP address is 10.0.0.254

    For the clients, set the scope to be be something like range 10.0.0.11 - 10.0.0.20
    All other settings as the server.
    Once that is set, plug in a client machine and see whether it gets an IP address.

    From the server, can you ping the router?

    ping 10.0.0.254

    If not then the IP address could be different on the router.

    Take baby steps, don't try to do too much at once.

    Simon.
    0
     

    Author Comment

    by:JPJP
    If my addresses are 10.0.0.x, wouldnt the subnet have to be 255.0.0.0?  Or can I have,

    Router 192.168.0.1
    S Mask 255.255.255.0


    W2K Server
    IP 10.0.0.1  Static
    S Mask  255.255.255.0
    D Gateway 10.0.0.1?  or 192.168.0.1

    Scopes as 10.0.0.2-10.0.0.2
    0
     
    LVL 104

    Expert Comment

    by:Sembee
    You can subnet down 10.0.0.0 to 255.255.255.0. It is more efficient to have the smallest subnet that you can.

    I can immediately see your problem. You have mixed subnets. The traffic cannot route.
    You have two choices.

    1. Change the subnet used on the client machines to match the router. So the server will have to be 192.168.0.2, DNS the same, subnet mask 255.255.255.0
    2. Change the router's LAN IP address to be a 10.0.0.x address.

    As for your scope - that needs to be increased. Currently you have 1 IP address available. Increase it to at least 10.
    10.0.0.10 - 10.0.0.20 (The only reason I went up to 10 as the starting IP address is so that it is obvious which address is DHCP. Sometimes a server can end up with mutiple addresses).

    Simon.
    0
     

    Author Comment

    by:JPJP
    Heres the latest.  My server has a static ip of 192.168.0.2.  The server options are:

    003 Router   192.168.0.1  The ip of my netgear router
    005 Name Servers 192.168.0.2  The ip of my server
    006 DNS Servers   192.168.0.2   The ip of my server
    015 DNS Domain Name   XXXXXXX.local
    044 WINS Servers 192.168.0.2
    I have a scope of 192.168.0.21-192.168.0.40  setup for when clients connect to the domain.
    No address leases, no reservations.  My 2k server can not get out to the internet.  The other 2 laptops not in the domain can get out to the internet.
    The Server has not been authorized yet in DHCP.  My laptops can ping both the router and the server and get replies ok, I just cant hit the internet on the server.

    On the router.
    Use router as DHCP server is checked off for ip addresses 192.168.0.2-.20
    Static Routes-I do not have any setup.
    Internet IP address and DNS address are set to get from isp.
    These settings are pretty much the default of the router.  I think Im close to getting this to work.  I dont want to authorize the DHCP on the 2k server until I cant hit the internet, I think it will mess up the other computers.  
    Any thoughts.
     
    0
     
    LVL 104

    Expert Comment

    by:Sembee
    Do you have DNS server installed on the Server? If not then you need to. Once it is installed, will the server do an nslookup?

    Command prompt

    nslookup www.google.com

    Simon.
    0
     

    Author Comment

    by:JPJP
    I do have a DNS server installed on the computer.  It is integrated within Active Direcotry and shows that it is running.  If I choose obtain ip and DHCP server automatically on my nic, the server can hit the internet.  If I try to put a static ip on my nic, the server cant hit the internet.  If I try and do an nslookup, I get an error

    Unknown cant find www.google.com Non-existent domain.  I also set DHCP as active on my server-still no luck.  Could it have ot do with my ip addresses.

    Router ip 192.168.0.1
    2KServer 192.168.0.2
    D Gateway 192.168.0.1
    Subnet 255.255.255.0

    003 Router   192.168.0.1  The ip of my netgear router
    005 Name Servers 192.168.0.2  The ip of my server
    006 DNS Servers   192.168.0.2   The ip of my server
    015 DNS Domain Name   XXXXXXX.local
    044 WINS Servers 192.168.0.2


    The server is in a domain called xxxxxxx.local   the router is not.  I have the router to act as a dhcp server for ip address range of 192.168.0.3-.20.  My 2k server which is the one I am trying to get to be the Domain Controller shows DNS/DHCP as setup and active.  I have the 2kservers ip set in the router as a static route-I don't think this makes any difference.  I also have 192.168.0.2 as a reserved ip in reservations under my scope.  I also have a scope of 192.168.0.21-.40 for addresses for the server to use to assign to computers.  Basically, after all this configuring and reconfiguring, I still cant hit the internet on my server if I have a static route setup as use the servers ip as the DHCP server.  If I obtain automatically, I have no problem hitting the internet.  There is an option to uncheck using the router as a dhcp server, but I feel this would just hose all my connections, and I dont see why I have to do this as I specifically told it to use as dhcp server for ip addresses of 192.168.0.3-.20.  Anyway, Im starting to get a little frustrated to say the least.  If anyone has any suggestions, feel free...
    0
     

    Author Comment

    by:JPJP
    I also forgot to mention, when I did disable the dhcp on the router and authorized the server as a dhcp server, my laptop(clients) were getting ip addresses of 192.168.0.21,  .22, but no computer could hit the internet.
    0
     
    LVL 104

    Expert Comment

    by:Sembee
    The DNS settings look fine.

    First, check that traffic can get out of the network when you the server has static IP address information.
    Ping 192.168.0.1 and make sure that the gateway is functioning.

    Then ping 66.102.11.99 - that is the IP address of Google. If that fails then traffic isn't even getting out of the network.

    If traffic is getting out, then you need to look at the DNS configuration.
    There are two reasons why DNS fails.

    1. A "root" zone has been placed in the DNS. This makes the server think it is responsible for all DNS traffic and will not send any requests it doesn't know about to the Internet.
    To check, open the DNS applet and make sure that you don't have a zone called "*" (star).

    2. The second reason is that your ISP doesn't allow access to the root DNS servers. These are the servers located on the Internet that all other DNS servers get their information from. Some ISPs block access to DNS and make you use their DNS servers. In order to get Windows to use the ISPs servers instead, you need to use the forwarders option.
    Get the address of your ISPs DNS server, you may have these on some paperwork or have to look on their web site.
    Then go in to the DNS applet, right click on the server and choose "Properties". Click on the tab "forwarders" and enter the IP addresses of the ISPs DNS servers. Apply/OK out.

    Try the above tests again.

    Simon.
    0
     

    Author Comment

    by:JPJP
    I have no problem pinging the router or the Google ip.  I also do not have a star listed for zones.  I do have one that looks like a period.  My problem is the "forwarders" tab is greyed out and it won't allow me to make any additions to it.  It tells me that forwarders are not available because this is a root server?  I also cant set up root hints because it says it is a root server.
    0
     
    LVL 104

    Expert Comment

    by:Sembee
    Ah ha. It is a root server. That explains everything. There must be a root zone somewhere in the DNS configuration.
    I didn't explain it very well, let me try again.
    Open the DNS applet, then the forward lookup zone. Something in there is probably the root zone. If there is a zone that you don't recognise as yours (domain.local or _mscds.domain.local (where domain.local is your internal domain)) then you need to delete it.

    If you aren't sure, post what forward zones are listed.

    Simon.
    0
     

    Author Comment

    by:JPJP
    Within the forward lookup zones , I have 2 folders.
    .
    parcorp.local

    Within the .  , I have;
    local (folder)
    same as parent folder (document)     Start of authority
    same as parent folder (document)     Name Server
    w2kserver                  (document)     Host


    Within the parcorp.local folder I have,
    _msdcs(folder)
    _sites(folder)
    _tcp (folder)
    _udp(folder)
    same as parent folder (document)     Start of authority
    same as parent folder (document)     Name Server
    w2kserver                  (document)     Host


    I do not know which folder if any to delete.  Once I delete this folder, do I  then go ahead and add the ISP DNS servers into the forwarding area?  And, do I disable DHCP on the router, or does it not make a difference because I have the router to enable DHCP for ip's 192.168.0.3-.20, and I have a scope on the server for DHCP of 192.168.0.21-.40?
    0
     
    LVL 104

    Accepted Solution

    by:
    Remove the "." zone. That is the cause of the problems.
    Then try it without using forwarders. You may not need them.

    You do need to disable DHCP on the router as you can only have one DHCP source on the network. It isn't the assignment of IP addresses that is the problem, but DNS.

    Simon.
    0
     

    Author Comment

    by:JPJP
    Simon

    Your the man.  I just wanted to Thank You.  Once I deleted the . DHS and DHCP are working greAT.  nEVER WOULD HAVE DONE IT WITHOUT YOU AND EVERYONE ELSE WHO HELPED.
    0
     
    LVL 104

    Expert Comment

    by:Sembee
    Glad to hear that you have got it working.
    Cheers for the points.

    Simon.
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone. Privacy Policy Terms of Use

    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
    Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
    This video is in connection to the article "The case of a missing mobile phone (https://www.experts-exchange.com/articles/28474/The-Case-of-a-Missing-Mobile-Phone.html)". It will help one to understand clearly the steps to track a lost android phone.
    Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

    877 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now