I have an SBS 2008 that was set up before I took over, and we are in the process of changing ISPs. When I change the settings on the router to the new ISP Static, I am unable to get out to the internet from the Small Business Server or even ping public IP addresses. If I go back to the old ISP on the router, everything works fine.
Nothing has changed on the private network. On a workstation, if I put in a public DNS server I am able to get out to the internet just fine; if I put the DNS back to the Small Business Server, no joy. Once I go back to the old ISP, everything works fine.
I have rerun the fix my internet wizard with no luck. I'm guessing someone ran the wizard at the beginning of the server's setup and did the router config, and somewhere in the registry it is remembering the old router config, even though that shouldn't matter.
The router still has the same private IP address, so that hasn't changed; it is just the public IP addresses that have changed. If I configure a laptop with the public IP info on the new service, I am able to get out on the internet just fine, so it doesn't have anything to do with the new ISP.
Can anyone make any suggestions on what to try next, short of calling Microsoft? Let me know if you need any additional information.
Thanks
Todd
Microsoft Legacy OS, Internet Protocols
Last Comment: ToddB02, 8/22/2022 - Mon
ktaczala
Check the DNS forwarders on SBS 2011. MS recommends using only root hints instead of forwarders. I prefer forwarders instead of root hints; I've had root hints do exactly what you're experiencing.
tsaico
Just in case, I would also check to make sure the firewall rules are on groups like "Public Wan -> Internal subnet". I had inherited a Juniper firewall one time, and the rules were specifically the old WAN IP, so the firewall itself was not allowing anything in other than the old IP.
As for the DNS forwarders, I have seen this also, but a restart of the DNS Server service fixes that.
ToddB02
ASKER
Okay, I've tried just using root hints or forwarders, no luck.
Also, when I have things set up for the old ISP I can ping public IP addresses such as 8.8.8.8, but once I change it over to the new ISP I cannot ping 8.8.8.8. But from other machines on the network I can ping 8.8.8.8, and if I change to a public name server on that machine I can get out on the internet.
I have restarted the DNS services and booted the server cold with the new ISP in place. The firewall was replaced after I took over, so nothing is configured on it to restrict traffic.
Okay, I have now done a netsh int ip reset with no luck either.
There has to be some sort of routing table that someone set up on this server. Does anyone have any ideas on what I can try to reset or look at to get this working?
ktaczala
Try a tracert 8.8.8.8 from an elevated command prompt.
The first response should be from the router/firewall,
then everything after that is public.
If you get no connection at all, you are definitely not getting out of the server, which means somewhere, someone has locked down the NIC/server to a specific IP, internally on the server. What brand is the server? Is there some kind of OEM app running that may be blocking?
ktaczala
You can look at the routing table from a command prompt.
The trace route doesn't hit the router when I have the new ISP active.
With the old ISP it goes out just fine.
I don't see any weird software running that would be restricting traffic.
It is a Dell R310 server. I have updated the NIC drivers and firmware, BIOS and anything else Dell had on their site; that was all done before I did the netsh on the TCP/IP stack.
Add a NIC card, assign a different address to the new one, then change DNS listening to the new NIC IP. See attachment ScreenCapture.jpg
ToddB02
ASKER
Okay, the new NIC kinda did the trick but not fully; once I reboot with the new IP it stops working again.
After it comes back up, if I change it to an IP I've never used it is okay, but if I reboot none of those IPs will connect with the new ISP.
Also, now every time I go into the network card properties it wants to restart the machine.
Any other ideas or is it time to call Microsoft?
ktaczala
One thing I would try is to install a completely different router. It almost sounds like the router is denying traffic.
What kind of router is installed? Does the router syslog show any traffic relating to the server IP(s)?
Check Active Directory Users and Computers. Is the DC in the OU called Domain Controllers?
If not, it should be. If it's not, examine which GPOs are being applied to it in detail.
I don't think the replication issues are critical since this is a single DC environment.