Solved

DHCP Problems after ISA Removal

Posted on 2011-02-20
11
1,053 Views
Last Modified: 2012-05-11
Hey Everyone -

Took down ISA and have now connected the server to the internal router and using an internal IP of 172.16.32.xx. However, I need to setup the server to play DHCP with a scope of 192.168.1.101-201.

How would I go about doing that?
0
Comment
Question by:tecpub
  • 4
  • 2
  • 2
  • +2
11 Comments
 
LVL 23

Accepted Solution

by:
Suliman Abu Kharroub earned 167 total points
ID: 34938096
You should change the inerneal IP address of the router to somthnig from range 192.168.1.x (if you use /24 mask).

then install DHCP role, create a new scope 192.168.1.101-201 and authorize this DHCP server.

you have to publish the internal ip address of the router as a default gateway for clients  on the scope.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 34938124
I've got to ask - why?
0
 

Author Comment

by:tecpub
ID: 34938483
You know what, the guy I'm working with came to finish with the uninstall of ISA server from yesterday, and called and asked. He asked me this exact same question, which didnt make sense since the server would have to have a similar address to the scope, but I figured I'd ask anyways. I'm now with him and hopefully finishing this up!

As of now, we've switched the LAN IP of the router to 192.168.1.1 and given the server an address of 192.168.1.64. Of course, the server is online and working. I ran the connection wizard one more time and restarted. Everything is working on the server. I created the DHCP scope 192.168.1.101-198.

What's left? As of right now none of the clients can reach the web/network. I did check over the switches to make sure they are each connected to the router in some way and they are.
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 34938545
Do clients obtain ip information from DHCP ?

Can you ping ip address on the internet, ( ping 8.8.8.8) google's dns server.

tracert 8.8.8.8 ( how many successful hobs ?), can you reach routers behind your router ?
0
 
LVL 39

Assisted Solution

by:Krzysztof Pytko
Krzysztof Pytko earned 167 total points
ID: 34938619
In DHCP scope options, have you defined options no. 003 Default Gateway (router's IP), 006 internal Dns servers and 015 Dns domain name (fqdn)? Additionally, please ensure that your Dns server uses forwarders or root hints for the. Internet name resolution. Then try on a client in command-line type

Ipconfig /release
Ipconfig /renew

Check once again the Internet connection.

Regards,
Krzysztof
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 38

Assisted Solution

by:ChiefIT
ChiefIT earned 166 total points
ID: 34938710
After what iSiek stated this, make sure your router is not supplying DHCP, and then go to the server and authorize it as a DHCP server. Microsoft DHCP will not work without authorizing it, and any rogue DHCP servers will knock a microsoft server down.

Defining the gateway,preferred DNS server as your server and all other scope options will give your clients that information when they get an IP address from your new DHCP server.

Furthermore, With DNS on the server, you also have to configure root hints or forwarders in DNS in order to get outside DNS resolution.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 34938723
This is mad/bad. You have removed the best software firewall/reverse proxy server in the world - obviously that is your call as it is your system. However, you have also removed the system that provides some 60% of the functionality of the SBS system and 100% of the external to internal services such as OWA/OMA/Activesync etc until you now manually install the necessary services and apply the appropriate configuration.

The fact you are talking about 192.168.x.z on one hand and 172.16.x.y on the other suggests you still have two nics operating on the SBS? If so, which nic have you bound the dhcp to?
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 34938751
Good call keith:

Tell me if you think I am far off on this adventure. This thread implies that DHCP was once on the router, not the microsoft server. This can cause problems with DNS as the router will, by default, try to provide DNS if it is supplying DHCP.  

Or, am I looking at a Server that was once the router with RRAS configured and Natting over the server? If it was working as a router, I am with you on asking "why change a working configuration?"
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 34938787
I have no idea/interest in what drove the decision to remove the ISA Server and - to be honest - that is not my call to make judgement upon anyway. That is between the asker and his consultant/support team.

But to get this scenario operational - for Monday morning I guess - I DO need to understand the config of the SBS server now.
Can we get a view from an ipconfig /all from the server please?

0
 

Author Comment

by:tecpub
ID: 34954298
@keith_alabaster - that's true.. however, as great of a gift ISA is to the Microsoft World, it does have it's flaws and does require more resources spent on it than most. If anyone new to ISA was to Google ISA Server, they would probably assume the same, with the many many sites touting the problems rather than praising the positives. Many new appliances are much more self-sufficient than ISA Server is. This client told me that after going through many of the more popular, larger corporate IT support firms in Southern California, that very few of them refused to support it. That's not good!

Of course I do understand the up-sides of ISA, however, for many I talk to (with or without certifications to back up their opinions), the problems, in most instances, outweight the good. Its not for everyone. Since the uninstall, internet has been faster, there have been no dropped connections, and still have the features from ISA carried over.

This not a debate on why ISA is great and frankly, I'm done even hearing about it. I dont regret it one bit and am extremely excited to move on from it. I personally love Audi's and own two of them. I believe that the Quattro system is incredible and has superior performance. Many would disagree since Audi's are known for lower reliability, so I don't push my beliefs on others. I know that I enjoy them and that's good for me.

Going back to the problem - everything worked after replacing a failed switch and deleting and recreating a whole new scope in DHCP.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 34955328
lol - point taken. Although this IS the ISA & Forefront Zone area of EE - so we can talk ISA and FTMG for days here. :)
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now