• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 266
  • Last Modified:

Getting Clients to Access the Internet; Windows 2k8; dual-homed network cards

Greetings,

I am having issues getting my client computers (small network of less than 50 clients) to get internet access. I am using 2k8. One server with multiple roles. My ISP gave me a static ip and I have the external NIC configured as they specified. The server can access the Internet just fine. The server can also see all of the computers on the network. The DHCP is handing out IPs to the terminals in the 10.19.0.x (x= 50 to 200) scope. The clients can ping each other and the server but not the ISP's dns or anything outside the network. The clients can also access network resources such as printing. To the best of my knowledge, the only thing the clients can not do is venture out beyond the network.

A rough network overview. Comcast is the ISP and provided a modem in which their cable drops into. From there cat5e to the patch panel and directly to the server. The external NIC is configured as per the ISP instructions. The internal NIC: I set the IP to 10.19.0.1. On the second NIC should the primary DNS be itself? This I wasn't too sure of. It currently is set as such. I believe that I have also set the subnet to 255.255.255.0 on the internal NIC. I have the DHCP and DNS roles installed. The DHCP has been authorized in AD and seems to be correctly handing out IPs.

I would really appreciate some advice and/or suggestions as to how to get the clients access to the Internet. My instinct says that the trouble is somewhere on the server, but I have run out of things to try (well, that I know of at least). Thanks in advance!

~Dragonfyre2825 (NML)
0
Dragonfyre2825
Asked:
Dragonfyre2825
  • 6
  • 4
2 Solutions
 
Cobra25Commented:
Can any of the clients ping outside? Such as say 4.2.2.2 ? Have you configured any forwarders on your DNS?
0
 
Dragonfyre2825Author Commented:
None of the clients can ping outside. The server can ping outside and inside. The clients can ping each other just fine.

As for forwarders, I have not configured any no. To be honest I am rather new to the server side of things, and am trying to learn as I go. I have read mention of forwarders, but know very little on the concept. I think myself a quick study. If you can point me in the right direction I would appreciate it.

~Dragonfyre2825
0
 
Cobra25Commented:
I'm assuming you have a switch as well that all of the workstations are patched into? What is the gateway pointed to for all of the workstations in the DHCP scope?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
Dragonfyre2825Author Commented:
Off hand I don't remember what the default gateway is set to. (If i had to guess I might say 192.168.1.1) But if it isn't too much trouble, could we pretend that I have incorrectly set it?

Unless I am mistaken the "Default Gateway"  is the node - often router or modem - that routes traffic between network segments, or in my case outside the network. Since all the clients, with perhaps 1 or 2 exceptions, plug directly into the wall which goes to the patch panel and then to the server, what would be the default gateway? Would it end up being the modem between my server and my ISP? Would it be my ISP's default gateway?
0
 
Cobra25Commented:
As far as the DNS forwarders go, look at this:

http://msmvps.com/blogs/ad/archive/2008/09/05/how-to-configure-conditional-forwarders-in-windows-server-2008.aspx

You can either point your server to comcast's DNS servers or you can use a free one like OpenDNS's:
208.67.220.220
208.67.222.222
0
 
Cobra25Commented:
The gateway is the link that joins your inside network to the outside. I think your best bet is to put a firewall after your cable modem and that should resolve your problems. So the ethernet feed from the modem goes to the firewall, and then one of the ports on the fw goes to your switch where all the workstations plug into. Your server continues to run DHCP and assigns the IP of the Firewall as the gateway. Your firewall will NAT all of the inside ip addresses to a public one (PAT) when they need to go outside to the internet and receive data back and forth. In this scenario, you will only need one NIC and that will be configured with an inside address.
0
 
Dragonfyre2825Author Commented:
Thanks for all the advice. I have spent the last 20ish minutes reading about the forwarding. I know that I didn't do anything with that. So I think that I will try that to start. It looks that I just need to add my ISP to the list for All domain queries. And that should send all traffic to my ISP and their system handles the rest. Sound about right?
0
 
Cobra25Commented:
Thats right, but since the workstations cant even ping outside, its not a DNS issue (but you will still want to setup the forwarding at some point). The problem with your network right now is that you dont have a proper gateway setup to send your internal traffic outside. Right now your network is configured as 10.19.0.1 with a mask of /24, and im not sure why the gateway is on another subnet - 192.168.1.1 ?
0
 
Dragonfyre2825Author Commented:
Well, it was just a guess as to what it was set at. But whether those numbers are exact or not, I am sure I jumbled it somewhere. Is the gateway an esoteric numbering set or is it the address of an actual piece of hardware?
0
 
Cobra25Commented:
The gateway would be the ip address of the actual piece of hardware in your network (firewall, router)
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now