[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 721
  • Last Modified:

How to set up simple quick DHCP & DNS on W2k3 Server without AD?

I run a small office with 10 terminals and have no IT person. I was running ok on w2k3 using a router for dhcp and apparently the dns service was provided by my isp.  Now i have installed a watchguard soho6 firewall and removed the router (they connet to a switch) and my terminals keep losing ability to connect to internet.  I have to keep rebooting the firewall to get them to connect.  I know I need dhcp and dns from some source, and know i can set up w2k3 server to provide both, and I am afraid (as I don't understand) of AD, so I don't want that.  Can someone tell me the absolute simplest way to set this system up for internet access and trusted network access.  I use a dell4400 server (actually have two of them) with dual nics (i am not using one, since i dont know what to do with a dual nic setup).  I know how to set up tcpip addresses, and type in the dns server addresses, but don't know what numbers to put in.  My firewall will provide dhcp if i set it up that way, and its address is 192.168.111.1.  I have all the terminals and network printers working ok, just don't know how to get out on the net.  And, should I be afraid of AD? I am using a workgroup.  Would I benefit from a domain?
 
0
195ecentralave
Asked:
195ecentralave
  • 4
  • 2
3 Solutions
 
Rant32Commented:
What exactly are the terminals? Is that a true thin client (i.e. WinCE or XP Embedded) or are they Windows XP workstations?

You'll only benefit from a domain setup with XP Pro clients. Thin clients and XP Home can't use a domain. Benefits of a domain are, amongst others:
- Centralized user management and access control (no need to create user accounts and passwords everywhere)
- Logon scripts (mapping network drives so everybody's using the same letters, easier to exchange data that way)
- Customize and centralize client management with group policies

This requires some work though and I don't suggest installing a domain when not sure what you're doing.

You don't need a domain for DHCP and DNS. You can install the DHCP server and DNS server from the Software control panel. The management consoles are then added to the Administrative Tools. See here: http://support.microsoft.com/default.aspx?scid=kb;en-us;323416 for instructions on how to install the DHCP server.
If you're going to use DHCP, make a note of all IP addresses that are in use on the internal network, and make sure that the DHCP server doesn't hand out IP addresses that are already in use by the firewall, servers, printers or workstations with a static IP address.

You're not required to use DHCP, static addressing works as well. A typical configuration for your network probably looks like this:
IP address: 192.168.111.101 (the last digit must be different for all hosts)
Subnet mask: 255.255.255.0 (this is the same for all hosts)
Gateway: 192.168.111.1 (the firewall)
DNS Server: 192.168.111.1 (also firewall)

This assumes that the firewall can handle DNS forwarding. If it doesn't, then you should install the Windows 2003 DNS server and point the workstations to the W2003 server hosting DNS. You don't necessarily need to set up DNS forwarders; Windows 2003 DNS will find DNS servers by itself.

I suggest configuring one host, and see if that works reliably. Go from there.
0
 
Fatal_ExceptionCommented:
That pretty much explains it, but perhaps I can add a little to your knowledge of IP Addressing, without complicating it.  (like with a discussion of variable length subnet masks)....

Think of an IP Address as a physical address for receiving mail..  When you send a letter (remember snail mail?), the post office needs to know where the destination is..  the same goes for computers, and data packets.

Within the actual IPAddress, you have your 'house' number, and the 'street' name..  To determine which is which, you use a subnet mask.  The subnet mask identifies the 'boundary bit', which divides the 'street' from the 'house number'.

So...  If you use a Classful Class C subnet (denoted by a /24 called CIDR, or 255.255.255.0), the boundary bit is located between the 3rd and 4th Octet.  (Octet is for the binary representation, as 255 = 11111111 in binary).  This means that the first 3 octets tell you the Network Address (or in our discussion the Street Name), and the 4th octet identifies the actual computer.  Every computer on the network WITHIN the same subnet must have the same first 3 octets, and the 4th octet is unique to the computer.

Now, you should be able to do your computer addressing on your LAN!

Just hope this helps!

FE
0
 
Rant32Commented:
The fact that you have to restart the firewall all the time, could be caused by an IP address conflict with the firewall, i.e. that another computer or printer is configured with the same IP address as the firewall. This will give very strange results (hence your problems).

Look for a computer that is configured with the same address as the Watchguard.
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 
Rant32Commented:
Thanks for the points. Did we help?
0
 
Fatal_ExceptionCommented:
Yes, thanks, and best of luck with getting this working...

FE
0
 
195ecentralaveAuthor Commented:
I got a good education on dhcp and dns settings on this one, but still am having problems with some of my xp pro sytems, cant access the internet.  all will if i reboot the soho6.  but not for long.  i setup the dns on my server, no help, so i uninstalled it.  since i never had it set up to begin with i assume the dns came from my isp, since all my xp pro computers on the network had obtain dns automatically set in the tcpip page in the connection settings.  I have posted a question for the soho6 setup on the firewall section of the security forum to see if perhaps there is something i  am not doing right there.
but your answers helped me rule out other problems and i now know more about how my system works. thanks,
0
 
Rant32Commented:
You should also link to this question so the experts can see what was going on here.

You can't configure a Windows client to obtain DNS automatically, if it doesn't also obtain it's IP automatically.

So, what solution did you choose? Is the firewall or the W2003 server a DNS? All static IP addressing (in which case you must also enter a DNS manually)?

You can't have 2 DHCP servers on the same network handing out duplicate IP-addresses (overlapping range); won't work.
0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now