Solved

Switching routers and server is not resolving

Posted on 2010-09-15
25
597 Views
Last Modified: 2012-06-27
Inherited a small network that uses Untangle box for router/firewall (192.168.1.1). Been freezing up, time to replace, so am installing a Sonicwall TZ100. My DHCP/DNS Server, though is my windows server 2008 box. Like typical, its dns server is 127.0.0.1 and a forwarder of 192.168.1.1..
However, when I swap the Untangle for the Sonicwall (gave same ip), the Windows server will not resolve domains.... as soon as I plug back in the Untanngle, it resolves. I can resolve directly from the sonicwall...so what step am I missing? Thx for help..
0
Comment
Question by:xav1963
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 13
  • 12
25 Comments
 
LVL 9

Expert Comment

by:vanbarsoun
ID: 33686941
The windows server DNS server setting should be set to its own actual IP, NOT 127.0.0.1
0
 

Author Comment

by:xav1963
ID: 33686967
vanbarsoun .... 127.0.0.1 has always worked for me... but I changed it to local ip... so far no difference in resolving....
0
 
LVL 9

Expert Comment

by:vanbarsoun
ID: 33687002
Have you checked the Sonicwall to see if it can resolve domains? I believe it should be in the System>Diagnostics>then PING tool
0
Is your NGFW recommended by NSS Labs?

Ours is! NSS Labs Next Generation Firewall Test gives the WatchGuard Firebox M4600 a "Recommended" rating! Curious where your NGFW landed on the  Security Value Map? See the map and download the full report today!

 

Author Comment

by:xav1963
ID: 33687034
yes it resolves fine....
0
 

Author Comment

by:xav1963
ID: 33687096
Van.... let me retract that statement... in sonicwall>diagnostics... I can easily do domain lookups...
but it will not ping the same hosts...what do I need to open on the sonicwall?
0
 
LVL 9

Expert Comment

by:vanbarsoun
ID: 33687102
Run a "tracert www.google.com" or any other domain from your Windows server and see where's it's failing.
0
 
LVL 9

Expert Comment

by:vanbarsoun
ID: 33687111
It's OK if the Sonicwall is not getting a ping response, as long as it's able to resolve the domain name to an IP address.
0
 
LVL 9

Expert Comment

by:vanbarsoun
ID: 33687130
Check your Sonicwall Network>DNS setting and you'll probably find your answer there. It should point to either your ISP's DNS servers or a reliable DNS servicer like opendns.org (208.67.220.220 and 208.67.222.222).
0
 

Author Comment

by:xav1963
ID: 33687147
I can connect a laptop to the sonicwall and have internet... so wouldn't it be something on the windows server?
0
 

Author Comment

by:xav1963
ID: 33687157
yet when I add sonicwall to the network and do a tracert from windows server, I get "unable to find target system"...
0
 
LVL 9

Expert Comment

by:vanbarsoun
ID: 33687183
Sounds like it. Have you run the tracert command on the windows server? Can you send a screenshot of the DNS forwarder setup?
0
 

Author Comment

by:xav1963
ID: 33687227
ok..give me a minute to get those... one diferrence I have found...
if I enable dhcp server on sonicwall, it will provide my isp dns servers and laptop resolves fine...
if I put in static and list its local ip (192.168.1.1) as dns server, wont' resolve...
which that is how windows server dhcp is setup... dns forwarder is 192.168.1.1

0
 
LVL 9

Expert Comment

by:vanbarsoun
ID: 33687258
That makes sense, so have you checked the actual DNS settings the Sonicwall itself is using in the Network>DNS section? Because once DNS queries get passed off to the Sonicwall, whether it's your Windows server or laptop making the request, the Sonicwall is going to look at its own DNS setup and go from there, and that's where it seems to be failing.
0
 

Author Comment

by:xav1963
ID: 33687279
I added the isp dns servers to the windows server dns forwarders list... with the 192.168.1.1 beig in first place...and now I have internet... but why? I shouldn't have to do that... it works fine with just the 1 forwarder when I use the Untangle box...any thoughts....
0
 
LVL 9

Expert Comment

by:vanbarsoun
ID: 33687287
Still waiting on the Network>DNS settings which might answer your question.
0
 

Author Comment

by:xav1963
ID: 33687345
ok...I have compared the dns settings on untangle and sonicwall and are identical... only difference is that our isp is timewarner with 1 static ip... on the untangle, it still set to dynamic wan while on the sonicwall, I put the info in as static....
what do you want me to send a screenshot of again?
0
 
LVL 9

Expert Comment

by:vanbarsoun
ID: 33687350
Still waiting on the Network>DNS settings which might answer your question.
0
 

Author Comment

by:xav1963
ID: 33687454
0
 
LVL 9

Expert Comment

by:vanbarsoun
ID: 33687472
ok, need 2 more: on the sonicwall go to Network>DNS and send a screenshot of that. And on your windows server need a screenshot of the DNS forwarding settings of the forward lookup zone in question (this will override the settings you've provided in the screenshot per the note in the bottom of the screenshot).
0
 

Author Comment

by:xav1963
ID: 33687526
not sure if this is what you want...sorry....
local-domain-ns.png
sonicwall-dns.png
0
 

Author Comment

by:xav1963
ID: 33687555
Here is my nslookup now from the server... takes a little while to kick in and resolve... can I fix that?
nslookup.png
0
 
LVL 9

Expert Comment

by:vanbarsoun
ID: 33687568
Check the Conditional Forwarders in your Windows DNS console (second last node in your screenshot) to make sure nothing is configured there.
0
 

Author Comment

by:xav1963
ID: 33687578
there are no items in the conditional forwarders...
0
 
LVL 9

Accepted Solution

by:
vanbarsoun earned 500 total points
ID: 33687591
I just tried to simulate your environment, sort of, and if I point my DNS to the sonicwall resolution fails also. At this point I'm not sure if it's a Sonicwall issue or if this is by design, but since ultimately your ISP's DNS servers are going to resolve things I would remove your 192.168.1.1 entry from your forwarders list, leaving the 2 other ISP entries,  and it should work fine.
0
 

Author Closing Comment

by:xav1963
ID: 33687607
ok....works for me now...later on I might open a ticket with Sonicwall and see what they say but for now...this works fine...thx for help...
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question