How to set up simple quick DHCP & DNS on W2k3 Server without AD?

I run a small office with 10 terminals and have no IT person. I was running ok on w2k3 using a router for dhcp and apparently the dns service was provided by my isp.  Now i have installed a watchguard soho6 firewall and removed the router (they connet to a switch) and my terminals keep losing ability to connect to internet.  I have to keep rebooting the firewall to get them to connect.  I know I need dhcp and dns from some source, and know i can set up w2k3 server to provide both, and I am afraid (as I don't understand) of AD, so I don't want that.  Can someone tell me the absolute simplest way to set this system up for internet access and trusted network access.  I use a dell4400 server (actually have two of them) with dual nics (i am not using one, since i dont know what to do with a dual nic setup).  I know how to set up tcpip addresses, and type in the dns server addresses, but don't know what numbers to put in.  My firewall will provide dhcp if i set it up that way, and its address is  I have all the terminals and network printers working ok, just don't know how to get out on the net.  And, should I be afraid of AD? I am using a workgroup.  Would I benefit from a domain?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

What exactly are the terminals? Is that a true thin client (i.e. WinCE or XP Embedded) or are they Windows XP workstations?

You'll only benefit from a domain setup with XP Pro clients. Thin clients and XP Home can't use a domain. Benefits of a domain are, amongst others:
- Centralized user management and access control (no need to create user accounts and passwords everywhere)
- Logon scripts (mapping network drives so everybody's using the same letters, easier to exchange data that way)
- Customize and centralize client management with group policies

This requires some work though and I don't suggest installing a domain when not sure what you're doing.

You don't need a domain for DHCP and DNS. You can install the DHCP server and DNS server from the Software control panel. The management consoles are then added to the Administrative Tools. See here:;en-us;323416 for instructions on how to install the DHCP server.
If you're going to use DHCP, make a note of all IP addresses that are in use on the internal network, and make sure that the DHCP server doesn't hand out IP addresses that are already in use by the firewall, servers, printers or workstations with a static IP address.

You're not required to use DHCP, static addressing works as well. A typical configuration for your network probably looks like this:
IP address: (the last digit must be different for all hosts)
Subnet mask: (this is the same for all hosts)
Gateway: (the firewall)
DNS Server: (also firewall)

This assumes that the firewall can handle DNS forwarding. If it doesn't, then you should install the Windows 2003 DNS server and point the workstations to the W2003 server hosting DNS. You don't necessarily need to set up DNS forwarders; Windows 2003 DNS will find DNS servers by itself.

I suggest configuring one host, and see if that works reliably. Go from there.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Fatal_ExceptionSystems EngineerCommented:
That pretty much explains it, but perhaps I can add a little to your knowledge of IP Addressing, without complicating it.  (like with a discussion of variable length subnet masks)....

Think of an IP Address as a physical address for receiving mail..  When you send a letter (remember snail mail?), the post office needs to know where the destination is..  the same goes for computers, and data packets.

Within the actual IPAddress, you have your 'house' number, and the 'street' name..  To determine which is which, you use a subnet mask.  The subnet mask identifies the 'boundary bit', which divides the 'street' from the 'house number'.

So...  If you use a Classful Class C subnet (denoted by a /24 called CIDR, or, the boundary bit is located between the 3rd and 4th Octet.  (Octet is for the binary representation, as 255 = 11111111 in binary).  This means that the first 3 octets tell you the Network Address (or in our discussion the Street Name), and the 4th octet identifies the actual computer.  Every computer on the network WITHIN the same subnet must have the same first 3 octets, and the 4th octet is unique to the computer.

Now, you should be able to do your computer addressing on your LAN!

Just hope this helps!

The fact that you have to restart the firewall all the time, could be caused by an IP address conflict with the firewall, i.e. that another computer or printer is configured with the same IP address as the firewall. This will give very strange results (hence your problems).

Look for a computer that is configured with the same address as the Watchguard.
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Thanks for the points. Did we help?
Fatal_ExceptionSystems EngineerCommented:
Yes, thanks, and best of luck with getting this working...

195ecentralaveAuthor Commented:
I got a good education on dhcp and dns settings on this one, but still am having problems with some of my xp pro sytems, cant access the internet.  all will if i reboot the soho6.  but not for long.  i setup the dns on my server, no help, so i uninstalled it.  since i never had it set up to begin with i assume the dns came from my isp, since all my xp pro computers on the network had obtain dns automatically set in the tcpip page in the connection settings.  I have posted a question for the soho6 setup on the firewall section of the security forum to see if perhaps there is something i  am not doing right there.
but your answers helped me rule out other problems and i now know more about how my system works. thanks,
You should also link to this question so the experts can see what was going on here.

You can't configure a Windows client to obtain DNS automatically, if it doesn't also obtain it's IP automatically.

So, what solution did you choose? Is the firewall or the W2003 server a DNS? All static IP addressing (in which case you must also enter a DNS manually)?

You can't have 2 DHCP servers on the same network handing out duplicate IP-addresses (overlapping range); won't work.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.