Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Windows Server 2008 - LAN computers cannot access internet. I'm losing hair!

Posted on 2010-08-15
6
Medium Priority
?
595 Views
Last Modified: 2012-05-10
I'm trying to geta fresh installation of WIndows Server 2008 R2 64bit to allow internet access to my LAN computers.

I've wiped the machine and started again several times. The first time I tried, it worked no problem. I started again because MS Exchange went awry - that's a different story. I know - it's a bad idea  to have Exchange on a DC - I'm testing stuff out.

The configuration is ADSL router>Server 2008>switch>LAN

The WAN nic is set to 192.168.1.1, subnet 255.255.255.0, gateway 192.168.1.254 (router IP), DNS 127.0.0.1

LAN nic is set to 192.168.16.1, subnet 255.255.255.0, no gateway, DNS 127.0.0.1.

When everything is set up, IPCONFIG /ALL confirms this - the server can access the internet, and also see LAN computers.

The DNS server has the forwarders of my ISP - that's all good.

The DHCP server has the router enabled in both "server options" and "scope options".

RRAS is installed and working as a NAT router - it knows which nic connects to the internet.

The LAN computers can see the server, browse it, ping it, whatever.

IPCONFIG /ALL when run on a LAN machine is fine - all present and correct. They have the gateway of the server (192.168.16.1), and the DNS server is the same...BUT...they cannot ping the router at 192.168.1.254.

Surely this is a DNS problem?

I'm moving to Server 2008 as an upgrade from 2003 - I know that like the back of my hand and never had this problem.

What am I doing wrong? Someone help me please before my heads explodes.

Thanks!





0
Comment
Question by:mprssjpr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 4

Accepted Solution

by:
ebooyens earned 400 total points
ID: 33441025
Why are you hooking up the server in between your router and the LAN?  If you really want a server to play router/firewall you'd need ISA server to do a decent job, but personally I don't like ISA, guess it's just me.  Instead give the ADSL router an IP on your LAN, plug it into your switch and point your clients straight to the router using the server as DNS.

What router have you got?  You'll need to make sure the firewall and NAT on the router is set up so you allow the minimum into the network, but I personally don't think you get much benefit of having a server in between the clients and router.
0
 
LVL 27

Assisted Solution

by:Steve
Steve earned 800 total points
ID: 33441159
have you set up RRAS on the server to perform routing? The server does not automatically perform routing and may be ignoring LAN requests for internet access. If it is set up, you may have your default routes set up incorrectly.

Also, you have the WAN NIC's DNS set to localhost. This is normally set to the router or an external DNS not the local server. thats the internal NIC, not the WAN one.

Finally, if you cannot ping the router you have a more serious problem. Try connecting a PC to the router and checking if that can ping it when on the correct subnet. You need to be sure if the issue is on the server or the router.
0
 
LVL 4

Author Comment

by:mprssjpr
ID: 33441200
Guys - thanks for the tips.

I'm not sure what was going wrong with that scenario, but I tried everything from scratch again - same issue.

Except, this time, IPCONFIG /ALL on the LAN machines reported that the DNS server was set to localhost.

I checked on the DNS server, and sure enough, there it was. Changing it to the LAN nic of the server worked.

Why the hell Windows Server 2008 can set up upteen different ways on seperate occasions given the same instructions is a mystery.

Anyway, cheers again! No doubt I'll be back with MS Exchange 2010 posers shortly.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 27

Assisted Solution

by:Steve
Steve earned 800 total points
ID: 33441302
Nice one.
as a precaution, check your DNS server settings. by default it may accept DNS requests on BOTH NICS. if this is the case, it will post DNS entries for itself under both IP addresses even though only one will be accessible from your LAN.

Always set DNS to accept requests on a specific IP, not on all IPs.
0
 
LVL 6

Assisted Solution

by:mkuehngoe
mkuehngoe earned 400 total points
ID: 33446712
I agree with ebooyens. A multihomed server is no fun. Put your modem into the switch. If you want a good firewall put something like a pfsense before it.
0
 
LVL 8

Assisted Solution

by:dosdet2
dosdet2 earned 400 total points
ID: 33451073
I agree - better to have users go straight out to the router.  But if not - use the 192.x.x.x address for your DNS.  If you use 127.0.0.1 then your clients try to use themselves for DNS.
0

Featured Post

How Blockchain Is Impacting Every Industry

Blockchain expert Alex Tapscott talks to Acronis VP Frank Jablonski about this revolutionary technology and how it's making inroads into other industries and facets of everyday life.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question