Solved

Is an alternate DNS configuration possible?

Posted on 2007-03-19
12
211 Views
Last Modified: 2010-03-18
This is the situation.  There is a managed router on my network with a 2003 SBS server.  The server's dns is set up with dns forwarding so that the clients can access the internet.  The router is handing out the dhcp with the server's ip as the dns server.  We have a few users who do not authenticate on the domain, but need to be able to get on the internet.  At first the router also had the dns of the isp listed as a secondary dns server in the dhcp scope, but that was causing problems with the users that authenticate on the domain so that was removed and now the only dns server given out by the router is the server's ip.  Now the users that do not authenticat ont he domain cannot get internet access.  Is this configuration possible?  If so how can I accomplish it?  
0
Comment
Question by:suzanne2003
  • 5
  • 4
  • 3
12 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18750324
DHCP should be configured on the server, not the router, especially where you are running SBS. This allows for central management, more scope options and proper DNS registration of older O/S's.
The fact that the PC's are not members of the domain and cannot authenticate is irrelevant. They can still be assigned DHCP assign information by the server and will work fine using the server for DNS and DNS forwarding.
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 400 total points
ID: 18750337
Since you are reconfiguring an existing SBS, which requires using wizards when ever possible, you should have a look at the following document regarding setting up DHCP on an existing SBS:
http://www.microsoft.com/technet/prodtechnol/sbs/2003/plan/gsg/appx_c.mspx#EXG
0
 

Author Comment

by:suzanne2003
ID: 18750440
So if I run through this wizard then it will disable the router as my dhcp device and there is nothing I will need to do with the ISP? (every time I need to change something I need to call them.  I have no access to the router myself.)  
0
 
LVL 4

Assisted Solution

by:Michael Frederick
Michael Frederick earned 100 total points
ID: 18750511
1. Have your ISP dispable the DHCP on the router.
2. Setup DHCP on your 2003 server, make sure to setup your scope to use the GW, DNS and any reserved IPs.
3. The cleints that do not auth to the server should not have an issue with using the DNS or DHCP on the server.

You want to time this right, so that when the DHCP is disabled on the router, your DHCP on the server is up and running. After hours is the best. This way when the users login in the morning they are using the new DHCP server.

Cheers.
0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18750514
Correction:
1. Have your ISP disable the DHCP on the router.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18750515
You, or you ISP, will have to disable DHCP on the router. If SBS sees the DHCP server, it will disable it's own DHCP service.

What is interesting, though DHCP should run on the SBS, it still should be working now for your non-domain clients. If they are assigned the SBS as their DNS server, it should still redirect the DNS queries to the DNS forwarder.
Have you checked with  ipconfig /all on the problematic client PC's that they are being assigned the appropriate IP addressing.
To confirm it is a DNS issue see if they can connect to Google by IP:
http://64.233.187.99/ 
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 

Author Comment

by:suzanne2003
ID: 18750550
Yes they are getting all the correct ip addressing correctly but they are not able to get to google by IP.  The only thing different with these users is that they do not authenticate on the domain.
0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18750586
Then this is not a DNS issue. You should still setup the 2003 server as the DHCP server, but if you can not get to google using and IP with either machine, you have something esle going wrong here.

Is there a firewall inplace?
Can you ping the router from either one of these machines?
Can you ping the outside DNS servers (the forwarders)?

Cheers
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18750715
Does your SBS have 2 network adapters? Might normal traffic be routed through it and this traffic is routing directly to the router and the ISP has a restriction as to MAC addresses or # of connections. Compare a  tracert  on a working and non-working PC. The router may not respond, you might get a "request timed out" message but it will at least indicate the number of hops/devices.
0
 

Author Comment

by:suzanne2003
ID: 18753143
I don't know what was wrong exactly, but I made the SBS server the DHCP server and now everything is working fine.  Thanks for all of your help.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18753159
Excellent. Glad to hear.
SBS likes to have all the default configurations, and using wizards. There are so many interrelated components that some break if you "stray from the norm", unlike server 2003 which you can customize as you wish. Not to say SBS is not a great product, it is.
Cheers !
--Rob
0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18756673
Perfect!
If there is anything else that we can help you with, just ask.

Cheers
0

Featured Post

Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Greetings, Experts! First let me state that this website is top notch. I thoroughly enjoy the community that is shared here; those seeking help and those willing to sacrifice their time to help. It is fantastic. I am writing this article at th…
Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now