Solved

no connectivity server2003

Posted on 2006-07-18
19
206 Views
Last Modified: 2011-09-20
I have server 2003 with Active Directory and it serves as the DNS server.  It has run perfectly within our small network (a couple computers) until I put a public static IP on it.  Now I have no connectivity to the DSL modem (router).  The DSL modem has a public and private IP on it.  The server is the primary domain controller and its DNS points to itself.  The gateway is the public IP of the DSL router.  It is not the connection, as I changed it back to the old IP and it then works (private IP).  I remade the DNS zones to reflect the new IP's.  It did not work before I did that, nor after.  What am I doing wrong?
0
Comment
Question by:quiet30plr
  • 10
  • 9
19 Comments
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17134242
why do you want a public IP on your server?
0
 

Author Comment

by:quiet30plr
ID: 17134705
In order to join an Active Directory domain, we need the client to be configured with the DNS of the domain controller (DNS server).  This can only be done (through different DSL accounts) by giving the domain controller a public IP.  Any private (NAT) IP would not be recognized.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17134854
hmmm i may be missing something here but i am still confused as to why....is your client sitting at a different site? you are sitting behind a DSL router yes?
0
 

Author Comment

by:quiet30plr
ID: 17135669
Yes, it is remote and yes it is behind a DSL router.  When we do an ipconfig, we get the private gateway, not the router's public address that we configured.  Our ISP told us not to change the private IP of the router.  It is a Westell.  I tried to ping the server and router from a remote client and could get them, but cannot get them from the computers behind the same DSL router.  I tried to get the remote computer to join the domain, but got a, "no network path" error.  I can see the server through a remote connection from the remote computer.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17143686
i would never give a server a public IP, you are just asking for trouble       what exactly are you trying to acheive and i will see if i can provide an alternative
0
 

Author Comment

by:quiet30plr
ID: 17149112
We are trying to network 4 different buildings with 4 different DSL's.  OUt ISP will not give us a T1.  We will be using Active Directory.  As of now, I have two domain controllers that work perfectly when they have a private static IP, within our group, but we cannot get out of this DSL, there is no way for the other groups to recognise the DC's or DNS.  
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17150636
why not set up VPN links between the sites?
0
 

Author Comment

by:quiet30plr
ID: 17154200
We have thought of that.  The cost of individual VPN's is a lot.  I don't want to use the free versions, as they are not very secure.  
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17154732
they can be perfectly secure if configured right, a hell of a lot more secure than using public IP's on you DC!
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:quiet30plr
ID: 17156020
We still have the same problem, though.  I have little experiance with VPNs, but when I did configure them, it was to a public, static IP.  How else does one machine see the other over remote distances?  
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17159411
with a site to site VPN you do use the public IP do make the connection, however the other side of the router at each site is a different private range
0
 

Author Comment

by:quiet30plr
ID: 17161058
That would tell me that I need the server to have a public IP.  The server is the DNS server, as well as the domain controller.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17161863
no that tells you that your router has the public IP at site A and at site B your other router has a different public IP - the VPN setup links between these two

behind the router you may have a 192.168.x.x at site A and a 10.1.X.X range at the other site

no public IP should be sitting on your server at any stage
0
 

Author Comment

by:quiet30plr
ID: 17164240
Thank you.  This might solve our problem.  Let me get it straight... I give each router a public IP (done) - I assign a private IP (static) to the server and then what?  How do I assign the DNS of the private IP (of the server) to the client?  We have a copy of Cisco VPN and its licenses, but only the client.  Do I need the server version of Cisco VPN?  Is there a better VPN for the money and security?
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17164461
this depends on how you want to go about doing things.....so far you have grasped it well.

your remote client has a couple of options, depending on how you configure DNS....basically if he is sitting behind a router with the VPN link between, then your local DNS server for that site should host a secondary zone for the original site OR if you don't have a remote DNS server then you will have to point your DNS to the local site which holds your DC.....be wary, name resolution over VPN isn't fantastic, and you may have to revert back to static entries in your lmhosts file...

as long as you have a good link between the two routers, i think VPN is your best option, the remote client won't notice anything
0
 

Author Comment

by:quiet30plr
ID: 17165103
I still am at a loss as to how I point to a private IP.
0
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 250 total points
ID: 17165160
thats the beauty of a site to site VPN, once it is established, the two networks at either one are virtually "one" so you can just point your client to the DNS server
0
 

Author Comment

by:quiet30plr
ID: 17168171
I'll try it and see if it works.  Thanks.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17172160
good luck
0

Featured Post

Network it in WD Red

There's an industry-leading WD Red drive for every compatible NAS system to help fulfill your data storage needs. With drives up to 8TB, WD Red offers a wide array of solutions for customers looking to build the biggest, best-performing NAS storage solution.  

Join & Write a Comment

Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now