Avatar of mbudman
mbudman
Flag for Canada asked on

Problems with Virtual machine and DHCP

Hello,

Our network consists of a two DHCP servers in a Windows 2003 Active directory network. The DC's are also the DNS servers and DHCP servers.

We also have several developers running virtual machines (VMWARE).

Employees are allowed to VPN into the network (firewall is ISA server 2006). The ISA server assigns the VPN clients an ip address from the DHCP servers. All this is automatic and it works.

The problem:

The virtual machine gets assigned an dynamic ip address (from DHCP server). When a VPN client connects, it can also get assigned the same ip address. It is the same DHCP server that is assigning the ip addresses.

It appears that the virtual machine is the culprit. The DHCP server does not realize it has assigned a used ip address to the VM machine.

Example:

The virtual machine is up and running; it can be pinged and is network aware; it sees all machines on the network and is part of the domain.

A user connects to the network from home via VPN client. The computer is assigned the same ip address (via DHCP) as the virtual machine. The remote computer cannot communicate on the network.

Any suggestions? This is a serious problem and a big headach to resolve.

Thanks in advance.

Mark
VMwareWindows Server 2003Microsoft Forefront ISA Server

Avatar of undefined
Last Comment
mbudman

8/22/2022 - Mon
coolsport00

I guess my question is: is there a reason you don't assign static IPs to your VMs (I assume those are server VMs)? That would resolve this, but not the underlying issue of why DHCP is assigning similar IPs to multiple machines.

~coolsport00
mbudman

ASKER
The company I work for is a software house - as a result, the developers create virtual machines for testing; these machines are mainly XP boxes and not servers. They are also at times put into a hibernation type mode.

Here is an update:

I tried remote desktop to the VM in question; it is a member of the domain; user has it locked; As a test, I tried logging on with my credentials (admin rights) and I get the following error:

"Windows cannot connect to the domain, either because the domain controller is down or otherwise unavailable, or because your computer account was not found"

I tried to logon to the domain  from the machine that hosts the VM and same issue. The firewall is deactivated. It is possible (programmer is not certain) that this VM is a copy of another VM and the SID is in conflict.

I am going to try to remove it from the domain and rejoin t osee if it resolves the problem.

In any case, it is strange that I can ping all machines as I can long on with local admin account to VM machine.

Do you know of a test to see if AD communication is correct?

Thanks,

Mark
Psy053

Have you done an IPCOFIG /ALL on the VM's? I am guessing that the VM's will be receiving their Addreses from the built-in VMWare DHCP Server.
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
ASKER CERTIFIED SOLUTION
coolsport00

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
vmwarun - Arun

Please clarify as to what VMware Software are you using in your network, VMware Workstation, Server or ESX.
pwindell

The VMs need to make their own separate VPN Connection into the system.  Do not "piggyback" over the Host machine's VPN Connection.  In fact,...the Parent Host Machine does not need to VPN in at all,...in fact the Parent Host Machine does not even need to fully function on it's LAN or any other LAN for that matter,...All it needs is for the Nic Hardware and Nic driver to work so that the VMWare can "bridge" across the Nic Hardware.to make it's own Virtual Nic "come to life".  The Parent Host Machine can even be totally incapacitated at the TCP/IP level.   For example you could give it completely bogus TCP/IP specs on its Nic leaving it helpless on the LAN it is sitting on and the VMs would still work fine.
mbudman

ASKER
Thanks for your assistance.

Cheers,

Mark
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.