Solved

Is an alternate DNS configuration possible?

Posted on 2007-03-19
12
216 Views
Last Modified: 2010-03-18
This is the situation.  There is a managed router on my network with a 2003 SBS server.  The server's dns is set up with dns forwarding so that the clients can access the internet.  The router is handing out the dhcp with the server's ip as the dns server.  We have a few users who do not authenticate on the domain, but need to be able to get on the internet.  At first the router also had the dns of the isp listed as a secondary dns server in the dhcp scope, but that was causing problems with the users that authenticate on the domain so that was removed and now the only dns server given out by the router is the server's ip.  Now the users that do not authenticat ont he domain cannot get internet access.  Is this configuration possible?  If so how can I accomplish it?  
0
Comment
Question by:suzanne2003
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 3
12 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18750324
DHCP should be configured on the server, not the router, especially where you are running SBS. This allows for central management, more scope options and proper DNS registration of older O/S's.
The fact that the PC's are not members of the domain and cannot authenticate is irrelevant. They can still be assigned DHCP assign information by the server and will work fine using the server for DNS and DNS forwarding.
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 400 total points
ID: 18750337
Since you are reconfiguring an existing SBS, which requires using wizards when ever possible, you should have a look at the following document regarding setting up DHCP on an existing SBS:
http://www.microsoft.com/technet/prodtechnol/sbs/2003/plan/gsg/appx_c.mspx#EXG
0
 

Author Comment

by:suzanne2003
ID: 18750440
So if I run through this wizard then it will disable the router as my dhcp device and there is nothing I will need to do with the ISP? (every time I need to change something I need to call them.  I have no access to the router myself.)  
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 4

Assisted Solution

by:Michael Frederick
Michael Frederick earned 100 total points
ID: 18750511
1. Have your ISP dispable the DHCP on the router.
2. Setup DHCP on your 2003 server, make sure to setup your scope to use the GW, DNS and any reserved IPs.
3. The cleints that do not auth to the server should not have an issue with using the DNS or DHCP on the server.

You want to time this right, so that when the DHCP is disabled on the router, your DHCP on the server is up and running. After hours is the best. This way when the users login in the morning they are using the new DHCP server.

Cheers.
0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18750514
Correction:
1. Have your ISP disable the DHCP on the router.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18750515
You, or you ISP, will have to disable DHCP on the router. If SBS sees the DHCP server, it will disable it's own DHCP service.

What is interesting, though DHCP should run on the SBS, it still should be working now for your non-domain clients. If they are assigned the SBS as their DNS server, it should still redirect the DNS queries to the DNS forwarder.
Have you checked with  ipconfig /all on the problematic client PC's that they are being assigned the appropriate IP addressing.
To confirm it is a DNS issue see if they can connect to Google by IP:
http://64.233.187.99/ 
0
 

Author Comment

by:suzanne2003
ID: 18750550
Yes they are getting all the correct ip addressing correctly but they are not able to get to google by IP.  The only thing different with these users is that they do not authenticate on the domain.
0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18750586
Then this is not a DNS issue. You should still setup the 2003 server as the DHCP server, but if you can not get to google using and IP with either machine, you have something esle going wrong here.

Is there a firewall inplace?
Can you ping the router from either one of these machines?
Can you ping the outside DNS servers (the forwarders)?

Cheers
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18750715
Does your SBS have 2 network adapters? Might normal traffic be routed through it and this traffic is routing directly to the router and the ISP has a restriction as to MAC addresses or # of connections. Compare a  tracert  on a working and non-working PC. The router may not respond, you might get a "request timed out" message but it will at least indicate the number of hops/devices.
0
 

Author Comment

by:suzanne2003
ID: 18753143
I don't know what was wrong exactly, but I made the SBS server the DHCP server and now everything is working fine.  Thanks for all of your help.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18753159
Excellent. Glad to hear.
SBS likes to have all the default configurations, and using wizards. There are so many interrelated components that some break if you "stray from the norm", unlike server 2003 which you can customize as you wish. Not to say SBS is not a great product, it is.
Cheers !
--Rob
0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18756673
Perfect!
If there is anything else that we can help you with, just ask.

Cheers
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses
Course of the Month10 days, 17 hours left to enroll

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question