Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

DHCP Problems after ISA Removal

Posted on 2011-02-20
11
1,055 Views
Last Modified: 2012-05-11
Hey Everyone -

Took down ISA and have now connected the server to the internal router and using an internal IP of 172.16.32.xx. However, I need to setup the server to play DHCP with a scope of 192.168.1.101-201.

How would I go about doing that?
0
Comment
Question by:tecpub
  • 4
  • 2
  • 2
  • +2
11 Comments
 
LVL 23

Accepted Solution

by:
Suliman Abu Kharroub earned 167 total points
ID: 34938096
You should change the inerneal IP address of the router to somthnig from range 192.168.1.x (if you use /24 mask).

then install DHCP role, create a new scope 192.168.1.101-201 and authorize this DHCP server.

you have to publish the internal ip address of the router as a default gateway for clients  on the scope.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 34938124
I've got to ask - why?
0
 

Author Comment

by:tecpub
ID: 34938483
You know what, the guy I'm working with came to finish with the uninstall of ISA server from yesterday, and called and asked. He asked me this exact same question, which didnt make sense since the server would have to have a similar address to the scope, but I figured I'd ask anyways. I'm now with him and hopefully finishing this up!

As of now, we've switched the LAN IP of the router to 192.168.1.1 and given the server an address of 192.168.1.64. Of course, the server is online and working. I ran the connection wizard one more time and restarted. Everything is working on the server. I created the DHCP scope 192.168.1.101-198.

What's left? As of right now none of the clients can reach the web/network. I did check over the switches to make sure they are each connected to the router in some way and they are.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 34938545
Do clients obtain ip information from DHCP ?

Can you ping ip address on the internet, ( ping 8.8.8.8) google's dns server.

tracert 8.8.8.8 ( how many successful hobs ?), can you reach routers behind your router ?
0
 
LVL 39

Assisted Solution

by:Krzysztof Pytko
Krzysztof Pytko earned 167 total points
ID: 34938619
In DHCP scope options, have you defined options no. 003 Default Gateway (router's IP), 006 internal Dns servers and 015 Dns domain name (fqdn)? Additionally, please ensure that your Dns server uses forwarders or root hints for the. Internet name resolution. Then try on a client in command-line type

Ipconfig /release
Ipconfig /renew

Check once again the Internet connection.

Regards,
Krzysztof
0
 
LVL 38

Assisted Solution

by:ChiefIT
ChiefIT earned 166 total points
ID: 34938710
After what iSiek stated this, make sure your router is not supplying DHCP, and then go to the server and authorize it as a DHCP server. Microsoft DHCP will not work without authorizing it, and any rogue DHCP servers will knock a microsoft server down.

Defining the gateway,preferred DNS server as your server and all other scope options will give your clients that information when they get an IP address from your new DHCP server.

Furthermore, With DNS on the server, you also have to configure root hints or forwarders in DNS in order to get outside DNS resolution.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 34938723
This is mad/bad. You have removed the best software firewall/reverse proxy server in the world - obviously that is your call as it is your system. However, you have also removed the system that provides some 60% of the functionality of the SBS system and 100% of the external to internal services such as OWA/OMA/Activesync etc until you now manually install the necessary services and apply the appropriate configuration.

The fact you are talking about 192.168.x.z on one hand and 172.16.x.y on the other suggests you still have two nics operating on the SBS? If so, which nic have you bound the dhcp to?
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 34938751
Good call keith:

Tell me if you think I am far off on this adventure. This thread implies that DHCP was once on the router, not the microsoft server. This can cause problems with DNS as the router will, by default, try to provide DNS if it is supplying DHCP.  

Or, am I looking at a Server that was once the router with RRAS configured and Natting over the server? If it was working as a router, I am with you on asking "why change a working configuration?"
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 34938787
I have no idea/interest in what drove the decision to remove the ISA Server and - to be honest - that is not my call to make judgement upon anyway. That is between the asker and his consultant/support team.

But to get this scenario operational - for Monday morning I guess - I DO need to understand the config of the SBS server now.
Can we get a view from an ipconfig /all from the server please?

0
 

Author Comment

by:tecpub
ID: 34954298
@keith_alabaster - that's true.. however, as great of a gift ISA is to the Microsoft World, it does have it's flaws and does require more resources spent on it than most. If anyone new to ISA was to Google ISA Server, they would probably assume the same, with the many many sites touting the problems rather than praising the positives. Many new appliances are much more self-sufficient than ISA Server is. This client told me that after going through many of the more popular, larger corporate IT support firms in Southern California, that very few of them refused to support it. That's not good!

Of course I do understand the up-sides of ISA, however, for many I talk to (with or without certifications to back up their opinions), the problems, in most instances, outweight the good. Its not for everyone. Since the uninstall, internet has been faster, there have been no dropped connections, and still have the features from ISA carried over.

This not a debate on why ISA is great and frankly, I'm done even hearing about it. I dont regret it one bit and am extremely excited to move on from it. I personally love Audi's and own two of them. I believe that the Quattro system is incredible and has superior performance. Many would disagree since Audi's are known for lower reliability, so I don't push my beliefs on others. I know that I enjoy them and that's good for me.

Going back to the problem - everything worked after replacing a failed switch and deleting and recreating a whole new scope in DHCP.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 34955328
lol - point taken. Although this IS the ISA & Forefront Zone area of EE - so we can talk ISA and FTMG for days here. :)
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
server DNS address could not be found 22 246
After relocating dns server, the ip address is incorrect 19 43
Auto Login Script 3 51
Setting up NAT translation for RDP 6 39
There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question