Solved

Microsoft Windows 2000 Server Networking Trouble after configuring Routing and  Remote Access.

Posted on 2007-11-21
10
225 Views
Last Modified: 2013-12-19
The setup is this: W2k server....6 clients....in a true server/client domain network. The W2k server is also the Domain Controller.  I'm coming behind another Network Admin who designed and implemented with zero documentation.

After adding a NAT rule in Routing and Remote Access on the W2K Server the entire network was non-functional. Server has two NICs and acts as a gateway for the network using NAT and IP routing on the server. All the clients connect to a Switch (not router) that connects to the server's 1st NIC. The 2nd NIC in the server connects to the internet via a DSL modem.

After many hours of reading and tinkering (dangerous I know) I finally got some network functionality back...Routing and Remote Acess (RRA) IP routing seemed to get P2P behavior back between PC's on the network...but the clients still couldnt' get to the web. Turning on RRA NAT returned internet access for all the clients (Server never lost internet access).

My problem is now... the network is rather slow and sluggish...and there seem to be some privilege issues. One client cannot connect to another, where it used to etc...I will elaborate when I'm back on site soon (within 2 hours).

Thanks for any general and specific advice on what I can do to restore things as close as they were to before...and to generally diagnose and speed up a W2K domain.
0
Comment
Question by:Undermeind
  • 6
  • 4
10 Comments
 
LVL 17

Accepted Solution

by:
John Gates earned 500 total points
ID: 20327596
Where are the clients getting IP addresses from?  Is this same server also a DHCP server?
0
 

Author Comment

by:Undermeind
ID: 20328118
This Server isn't configured for DHCP. The IP's are hard coded. Would DHCP help increase network efficiency?

UPDATE:

Quickbooks Financial is very slow. It had always been relatively slow (need maintenance), but not it is unacceptably sluggish.  We also use Quickbooks POS...it is somewhat slower...but not as bad as financial.

Other network traffic seems slower than it should be as well. Not unbearably so, but enough to make me conclude this is all related to my "reconfiguring" the network. Otherwise, I'd be on the phone with Quickbooks tech support.
0
 
LVL 17

Expert Comment

by:John Gates
ID: 20328434
Well without know what ip schemes you have layed out it is going to be hard to make any suggestions.  If your server internal nic is let's say 192.168.1.1 then your machines should be 192.168.1.2 - ? and the gateway should be 192.168.1.1  Is this server acting as the gateway a DNS server?  If you have your local subnet configured correctly there should not be any speed issues..
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 

Author Comment

by:Undermeind
ID: 20328883
Here is my IP scheme:

The Server's WAN NIC has an IP of 192.168.1.2 (DSL modem is 192.168.1.1)
The Server's LAN NIC has an IP of 192.168.2.1  
Clients are: 192.168.2.101-106....

Subnet (possible my problem): per the directions for setting up NAT:
DSL modem and WAN NIC use subnet of 255.255.255.0
LAN NIC and all Clients use a subnet of 255.255.0.0....

UPDATE: all clients are still slow accessing QB Financial...Inet seems to run fine..

HOWEVER...one client that was not physically connected (cable unplugged) to the network when I got all the others functioning is not accessing Inet nor other clients/server. Is there a reason that I would have to have every client connected when I setup NAT in RRA?
0
 
LVL 17

Expert Comment

by:John Gates
ID: 20328902
Yes that is your problem  have both subnet masks at 255.255.255.0 you are confusing the server on where to send traffic.

-D-
0
 
LVL 17

Expert Comment

by:John Gates
ID: 20328917
So on all your machines use subnet mask 255.255.255.0 then your routing will work correctly.  The way you have it set up at 255.255.0.0 your clients think everything is local (Including you WAN side)
0
 

Author Comment

by:Undermeind
ID: 20328936
ALSO: each client is using 192.168.2.1 as both the default gateway and the Primary DNS...with no secondary DNS entry.

Also, I noticed on two clients i hadn't actually changed the Subnet to 255.255.0.0...and they were working the same....why?

When I changed them to 255.255.0.0 from 255.255.255.0 there is no change in behavior.

I've never understood subnets much.
0
 

Author Comment

by:Undermeind
ID: 20328944
okay...im changing everything to 255.255.255.0 and checking the results...
0
 

Author Comment

by:Undermeind
ID: 20328957
Should I change the subnet to be the same (255.255.255.0) on both the LAN and WAN NIC?
0
 

Author Comment

by:Undermeind
ID: 20357956
Well...I gave in and installed a router/firewall. Instead of the W2K server managing access to the internet and DHCP, now the router handles these functions. The problem seems to be resolved with the domain fully intact and operating better than ever.

Dimante...you get an E for effort...and the points.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Hyper-convergence systems have taken the IT world by storm and have quickly started to change our point of view of how the data center should and could be architected. In this article, I’ll explain the benefits of employing a hyper-converged system …
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question