Solved

Unable to Browse Remote Locations on the Network

Posted on 2010-09-22
26
545 Views
Last Modified: 2012-05-10
I recently installed 2008 SBS replacing a 2003.  Once the installation was complete and all workstations rejoined a dot local domain, replacing a dot com, I find that even with WINS, browsing the network from any location only shows networked connections in THAT location. This was not the case with the 2003 server.  I have attempted all that I know to do, and would really appreciate some help.  Thanks.
0
Comment
Question by:Chaord49
  • 12
  • 7
  • 7
26 Comments
 
LVL 8

Expert Comment

by:TSGITDept
ID: 33737013
Can you ping any IP addresses that are outside of your subnet?
Can you reach google.com from Internet Explorer?
If not then your default gateway and routing may be messed up.

Also look at your local IP configuration:  Start>Run>ipconfig /all
make sure your DHCP server is providing the correct default gateway.
0
 

Author Comment

by:Chaord49
ID: 33737245
All 3 locations are on the same subnet.  All computers and servers can be reached.  Shared folders found through IE and the run utility.  Internet is fine.  I will double check the gateway settings in all 3 locations, but the rest seems to be fine.  The machines are just not on the list when you browse the network, which creates a big pain the neck...
Thanks!
 
0
 
LVL 8

Expert Comment

by:TSGITDept
ID: 33737827
In general I'm thinking of checking the following:
Check IP configs
Check DHCP, what is it sending out to your client PCs
Check routing between locations:  can you ping inside IP addresses from one location to another.

It's unusual to think that 3 locations can't be on the same subnet.  There would be routing issues.  Anytime you cross a LAN boundary the subnet typically changes.  That allows your default gateway to know what to do when the traffic needs to leave your location and locate another location through the WAN.

Could you possibly provide some more information and post it here:
From your location, using a command prompt
  ipconfig /all

From a remote location, using a command prompt
  ipconfig /all

You can copy and paste the results by right clicking in the command prompt window and selecting "Mark".  Then you can select the text you want and paste it here.

What type of WAN is connecting your facilities:  MPLS, Internet VPN, etc.?
What are the subnets of your 3 locations:  example Atlanta 10.10.x.x, NY 10.11.x.x, Seattle 10.12.x.x

0
 
LVL 8

Expert Comment

by:TSGITDept
ID: 33737834
Correction:  "It's unusual to think that 3 locations CAN be on the same subnet."
Each location should be on its own subnet.  That's one of the things that makes LAN/WAN routing possible.
0
 
LVL 8

Expert Comment

by:TSGITDept
ID: 33737849
And for help on this one:
>From a remote location, using a command prompt
>   ipconfig /all

If you have Remote Desktop, VNC, or something enabled, or another server you should be able to RDP into a machine at a location and run this command
0
 

Author Comment

by:Chaord49
ID: 33738632
I am working remotely right now.  I can get that information from the SBS now, but there is no workstation I can log onto from the second or third location until they close.
The network is set up as follows:
Connection:  point to point dedicated lines from remote locations to main location
Main Location:  172.16.0.x     255.255.255.0     Gateway 172.16.0.x
2nd Location:    172.16.2.x     255.255.255.0     Gateway 172.16.2.x
3rd Location       172.16.1.x    255.255.255.0     Gateway 172.16.1.x
All address are static, there is no DHCP Running.
WINS is installed and configured
I can ping any machine on the network.
I can use the run command with the path and whatever is shared shows up.
I can use IE with the path and see all that is shared on the machine.
I will run ipconfig /all on all three locations tonight and paste the results here.
Thank you so much for your attention to this.  I really appreciate the help.
0
 
LVL 8

Expert Comment

by:TSGITDept
ID: 33738984
Question?  Why use WINS when you can use DNS instead?  WINS can be finicky and can get corrupted sometimes.  Also the replication between domain controllers is not as good as DNS.
And the whole WINS browsing and local machine master technology is outdated too.

A much easier solution to manage would be (and I use this combo to support 20 locations):
DNS instead of WINS
DHCP instead of static addresses - plus DHCP will dynamically update DNS for you with current hostname - IP info.
Just tell your ISP/WAN vendor to make sure the routers will work with DHCP.  I think they setup the router as a DHCP helper or something.  Can't remember atm.

But back to your problem, if you can ping any machine on the network then it's not a routing problem.

If your computers were not on a domain before (it's not 100% clear that they were before) but rather on a workgroup then all of the PCs would have been broadcasting their resources.  This makes the network VERY chatty with UDP broadcast traffic.  WINS is one technology to reign this in and let all computers look to a central authority for resolving name to IP requests.

Over the years DNS and DHCP have largely made WINS obsolete.

And with static IPs on all your workstations it's very difficult to push out new network information, like how to find  your new DNS and WINS servers.
0
 

Author Comment

by:Chaord49
ID: 33739133
There is only ONE domain controller.
The previous domain was xxxxx.com  Now it is xxxx.local  Each workstation was removed from the dot com, then rejoined the domain when the .local domain controller was up and configured.
I did not have WINS installed and configured until I ran into this problem with the new SBS server.... thinking it would help.
I have never used DHCP on this network in 8 years... always have used static.. basically because of the three locations and a server at only one location.  The domain controller is hosting the DNS.  I have two Cisco routers at the main location, one to the internet, and one for the point to point connections.  Each remote location has a Cisco router as well.
I appologize for the lack of clarity in the way this network is configured....  Thank you for attempting to help.  Perhaps this information will clarify the layout.  I am in a rural area in AZ... the clieint really doesn't want to spend any more on this network than necessary..... Not always my choices... sometimes, just making-do.
 
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 33739158
I have to agree with TSGITDept that WINS is pretty much dead and even disabled by default with SBS 2008.
However, browsing relies primarily on NetBIOS broadcasts and broadcast packets are not routable. Therefor they are "usually" not forwarded by routers or VPN's. I say not usually as there are some routers that have a service to forward broadcast packets.
A a result if you want to browse remote sites you need to have WINS configured, but not just as a WINS server. You need to have a WINS server at each site and configure them to replicate between sites.

Do you really need to browse. It is often even considered a security risk to have users just randomly 'poking around'. Users are usually connecting to known resources or mapped drives making browsing un-necessary in most cases.

Having said all of that a couple of other issues to consider:
-make sure Network Discovery is enabled on the server
-Many exceptions on various machines (primarily workstations) are blocked by the windows firewall except for the local LAN/subnet. For example enabling file and print sharing opens ports TCP 139 & 445, UDP 137 & 138, which are required for shares to be visible, however they only allow access from the local LAN. In order to remedy you need to change from local subnet to " either all computers even those on the internet" or add the remote subnet/s. This is done by editing the exception scope options. You need to do so for each port. You can see an example of this in the following link for RDP/3389:
http://www.lan-2-wan.com/RD-FW.htm
0
 
LVL 8

Expert Comment

by:TSGITDept
ID: 33739246
>A a result if you want to browse remote sites you need to have WINS configured, but not just as a WINS server. You need to have a WINS server at each site and configure them to replicate between sites.
  True, when I used to use WINS over a WAN I had to have the routers configured to allow the broadcasts through.

>Do you really need to browse
  True again.  Microsoft is getting away from browsing and what was once Network Neighborhood due to security risks.

Compromize gradual move to DNS and DHCP.
You might over time get your client converted over a little at a time.

1. Setup 3 DHCP scopes, one for each facility, that do not overlap your static address ranges.
One good way to do this is to setup the scope to encompase as much, or all, of the subnet.
Then create an exclusion(s) for the client IP addresses that are static, belong to other things, etc.
The reason is that you can edit exclusions but you cannot edit a DHCP scope itself without deleting and recreating it.

2. Tell the DHCP scopes to give out the address of your DNS and WINS servers, in your case it will be the same IP address.

3. Check DNS to make sure there's a zone for your domain.  You're probably fine here.

4. Make sure the WAN vendor will allow DHCP requests through to your domain controller.

5. As you touch a PC (remotely or otherwise), set it to use DHCP.  Everything else is automatic.

*6. As you already know, having a single domain controller is rather risky.  If it dies they'll be in a world of hurt unless their DR plan is really good.  A virtual DC would even do.
0
 

Author Comment

by:Chaord49
ID: 33739313
Thank you so much.  I will try reconfiguring the addressing and changes this weekend, when no one is on the network  The other suggestions I can check after hours, especially to the server setting.  There is a server that the SBS replicates to, a NAS and daily removable backups.... as well as RAID and and extra blade and hard drives.  That was the best I could do with what was approved...  I will keep you both posted.
Thank you again!
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 33739823
To add to TSGITDept's comments. SBS is very fussy about it's configuration. If you do not already have DHCP enabled on the server, disable on the router and then use the wizards under network \ connectivity in the SBS console to set up networking first. There are two "Connect to the Internet" and "Configure my internet address". Then you are fine to edit DHCP as recommended by TSGITDept. If DHCP is already enabled, please ignore.

In addition to WINS and DNS SBS requires you add to the scope (always a good idea anyway) the "DNS Domain Name" scope option 015. If you use the wizards this will be done automatically.
0
 

Author Comment

by:Chaord49
ID: 33739845
Thanks, I will try that in conjunction with some other suggestions this weekend.... and will keep you posted.
Thank you for the suggestion and the attention.
 
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 

Author Comment

by:Chaord49
ID: 33804465
Last weekend, I found myself installing and configuring Backup Exec 12.5.... and more time just downloading the huge files.  I am unable to use the wizards in setting up the 2008 SBS, since I error out on the first one.  I put the IP of the router in... then the IP of the SBS.... and it says that there is a problem with DHCP... tells me to fix it and try again.  I do not have DHCP server installed on this server.  Right now, remote web workplace is not accessible from the OUTSIDE.... the links on company web to remote email and remote workstation are not working... I'm  ready for this to be done.  I am going to attempt installing and configuring DHCP this weekend.  I have to see if the workstations at the remote locations will grab an IP.  I will begin with ONE... and if that works, change the workstations over.  Hopefully, browsing will be better... and I will be able to go through the wizards in setup....  
Will keep my progress posted.  Thanks.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 33804763
Though it is possible to use the router as the DHCP server it is STRONGLY discouraged. If you do use the router you have to customize the scope options it hands out. Moving DHCP services to the SBS solves many problems such as DNS accessibility from RWW and much more. SBS will not work as it should until you have completed the set up with all of the wizards.
0
 

Author Comment

by:Chaord49
ID: 33804822
I planned on configuring the DHCP Server on the SBS.. I just wasn't sure if the workstations at the remote locations (connected via a point to point T-1 with routers on each end) would grab an IP address.  I know that I will have to create 3 zones for the 3 locations.... I just wasn't sure how  or IF this will work.  
Thank you so much for your information!
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 33806147
SBS will not automatically configure multiple DHCP scopes though it can handle it. The routers have to be configured to use a DHCP relay which I cannot help you with.

If you need to leave the router as the DHCP server it has to be configured to hand out ONLY the SBS as the DNS server. It cannot assign a second even a router or an ISP's DNS. Also if possible it should assign the local DNS suffix.
0
 

Author Comment

by:Chaord49
ID: 33808516
At this time, the routers are not, and have never been configured as a DHCP relay.  ALL addresses in all 3 locations have been static.  I have someone who configures my cisco routers, so he should be able to do this.
Thank you so much for this information.  I will keep you posted!  Wish me luck this weekend.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 33808583
You can remain with static IP's if you like or at the remote sites use the local DHCP server (router) however regardless of the method (DHCP server, DHCP router, or static) the following scope options need to be assigned to clients

1) DNS SBS server ONLY (you cannot add a second such as the router or ISP - this means if the SBS or VPN is off line users will loose Internet. Solution = local DC)
2) DNS suffix added to TCP/IP properties | advanced | DNS | uses this suffix box | YourDomain.local

Good luck :-)
0
 

Author Comment

by:Chaord49
ID: 33812919
The client does not want me to change from static addressing to DHCP this weekend due to several people needing to work Saturday and Sunday.  I will attempt it next weekend.
I will keep you posted.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 33813805
Thnans for updating.
0
 
LVL 8

Expert Comment

by:TSGITDept
ID: 33822435
Note also that if your DHCP ranges do not overlap with your Static addresses you can migrate machines one at a time, gradually.  No need for an all or nothing approach.
0
 

Author Comment

by:Chaord49
ID: 33856673
I am waiting for a "go ahead" from the client to readdress the network using DHCP.  So far, they have put it off for two weeks.  I cannot proceed with these suggestions until this is done.  
0
 

Author Comment

by:Chaord49
ID: 34169225
I apologize for the delay in posting this message.  The client kept postponing the change to DHCP... then did not renew my contract, nor did they pay me.  Thank you all for attempting to help solve this problem.... You were the only thing that kept me from feeling like I was "out there" all alone!
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 34169287
Sorry to hear that, but if that is the sort of client they are, perhaps you are better off.
Thanks for updating.
Cheers!
--Rob
0
 

Author Closing Comment

by:Chaord49
ID: 34169729
The client did not agree to DHCP rather than static IP's... could not implement.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Many admins will agree: WSUS is is a nice invention but using it on the client side when updating a newly installed computer is still time consuming as you have to do several reboots and furthermore, the procedure of installing updates, rebooting an…
Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now