Solved

no connectivity server2003

Posted on 2006-07-18
19
213 Views
Last Modified: 2011-09-20
I have server 2003 with Active Directory and it serves as the DNS server.  It has run perfectly within our small network (a couple computers) until I put a public static IP on it.  Now I have no connectivity to the DSL modem (router).  The DSL modem has a public and private IP on it.  The server is the primary domain controller and its DNS points to itself.  The gateway is the public IP of the DSL router.  It is not the connection, as I changed it back to the old IP and it then works (private IP).  I remade the DNS zones to reflect the new IP's.  It did not work before I did that, nor after.  What am I doing wrong?
0
Comment
Question by:quiet30plr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 9
19 Comments
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17134242
why do you want a public IP on your server?
0
 

Author Comment

by:quiet30plr
ID: 17134705
In order to join an Active Directory domain, we need the client to be configured with the DNS of the domain controller (DNS server).  This can only be done (through different DSL accounts) by giving the domain controller a public IP.  Any private (NAT) IP would not be recognized.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17134854
hmmm i may be missing something here but i am still confused as to why....is your client sitting at a different site? you are sitting behind a DSL router yes?
0
Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

 

Author Comment

by:quiet30plr
ID: 17135669
Yes, it is remote and yes it is behind a DSL router.  When we do an ipconfig, we get the private gateway, not the router's public address that we configured.  Our ISP told us not to change the private IP of the router.  It is a Westell.  I tried to ping the server and router from a remote client and could get them, but cannot get them from the computers behind the same DSL router.  I tried to get the remote computer to join the domain, but got a, "no network path" error.  I can see the server through a remote connection from the remote computer.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17143686
i would never give a server a public IP, you are just asking for trouble       what exactly are you trying to acheive and i will see if i can provide an alternative
0
 

Author Comment

by:quiet30plr
ID: 17149112
We are trying to network 4 different buildings with 4 different DSL's.  OUt ISP will not give us a T1.  We will be using Active Directory.  As of now, I have two domain controllers that work perfectly when they have a private static IP, within our group, but we cannot get out of this DSL, there is no way for the other groups to recognise the DC's or DNS.  
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17150636
why not set up VPN links between the sites?
0
 

Author Comment

by:quiet30plr
ID: 17154200
We have thought of that.  The cost of individual VPN's is a lot.  I don't want to use the free versions, as they are not very secure.  
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17154732
they can be perfectly secure if configured right, a hell of a lot more secure than using public IP's on you DC!
0
 

Author Comment

by:quiet30plr
ID: 17156020
We still have the same problem, though.  I have little experiance with VPNs, but when I did configure them, it was to a public, static IP.  How else does one machine see the other over remote distances?  
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17159411
with a site to site VPN you do use the public IP do make the connection, however the other side of the router at each site is a different private range
0
 

Author Comment

by:quiet30plr
ID: 17161058
That would tell me that I need the server to have a public IP.  The server is the DNS server, as well as the domain controller.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17161863
no that tells you that your router has the public IP at site A and at site B your other router has a different public IP - the VPN setup links between these two

behind the router you may have a 192.168.x.x at site A and a 10.1.X.X range at the other site

no public IP should be sitting on your server at any stage
0
 

Author Comment

by:quiet30plr
ID: 17164240
Thank you.  This might solve our problem.  Let me get it straight... I give each router a public IP (done) - I assign a private IP (static) to the server and then what?  How do I assign the DNS of the private IP (of the server) to the client?  We have a copy of Cisco VPN and its licenses, but only the client.  Do I need the server version of Cisco VPN?  Is there a better VPN for the money and security?
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17164461
this depends on how you want to go about doing things.....so far you have grasped it well.

your remote client has a couple of options, depending on how you configure DNS....basically if he is sitting behind a router with the VPN link between, then your local DNS server for that site should host a secondary zone for the original site OR if you don't have a remote DNS server then you will have to point your DNS to the local site which holds your DC.....be wary, name resolution over VPN isn't fantastic, and you may have to revert back to static entries in your lmhosts file...

as long as you have a good link between the two routers, i think VPN is your best option, the remote client won't notice anything
0
 

Author Comment

by:quiet30plr
ID: 17165103
I still am at a loss as to how I point to a private IP.
0
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 250 total points
ID: 17165160
thats the beauty of a site to site VPN, once it is established, the two networks at either one are virtually "one" so you can just point your client to the DNS server
0
 

Author Comment

by:quiet30plr
ID: 17168171
I'll try it and see if it works.  Thanks.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17172160
good luck
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

FIPS stands for the Federal Information Processing Standardisation and FIPS 140-2 is a collection of standards that are generically associated with hardware and software cryptography. In most cases, people can refer to this as the method of encrypti…
A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question