The DNS server isn't responding.  Need urgent help!

Posted on 2014-02-01
Last Modified: 2014-02-10
hello Experts I was trying to upgrade our router from a Cisco 800 series to a sonicwall.  well it turns out the sonic walls wifi is defective and it needs to be returned.  I put the Cisco 800 series back in place but now nobody can connect to the internet and when I try to troubleshoot it tells me that the DNS server isn't responding.  I'm at a business and the Internet has not been working for 6 hours and I really really need help with this.  DNS is running off of our main domain controller and so is exchange and so is DHCP.  our domain controller has Small Business Server 2012 on it.  Please help!!
Question by:Brent Johnson
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +6
LVL 37

Expert Comment

ID: 39827403
1st try telnetting some public DNS IP addresses such as, from corporate network and check at where connectivity is dropping
You will immediately come to know where is the problem ?

If previously internet is working with old router, i believe problem exists with router config only

LVL 29

Expert Comment

ID: 39827722
Did you check the DNS forwarders? Are THOSE DNS servers working properly? Is there an issue with the internet service?

Were there any configuration differences between the Cisco and Sonicwall?

Assisted Solution

piwowarc earned 125 total points
ID: 39827746

Agreed with above post. If you have on premise AD controller doing DNS, this DNS needs to be checked as well. This DNS does lookup on its own using root hints or you have general "Forwarders" statement? No changes done on that machine?

Telnet from that AD controller (DNS server) on port 53 to google dns for example (will give you tcp 53 is opened on cisco) and do nslookup to google servers using nslookup (will give you udp 53 opened on cisco). If it fails its either routing changed or firewall rules not permiting. If you do forwarders try asking them instead of google DNS.

Something must have changed since you put a gear that was here before back in network. Are you sure for example on rules on cisco were saved before it was powered off? That is a common mistake when people have cisco device in place, all is configured and working but not saved to nvram. After powerloss that part of config is gone.
Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now


Author Comment

by:Brent Johnson
ID: 39827767
I put back the sonicwall and got things to work, but now when using proxy settings in outlook from home, we are getting a proxy error and also activesync on iphones is not working the iphones give the error "cannot get mail the connection to the server failed"  How to fix??
LVL 32

Assisted Solution

aleghart earned 125 total points
ID: 39828371
You need to replicate the NAT settings from the old router.

Your phones are trying to connect to a server hostname that should resolve to a public IP address.  Your router/firewall should be using NAT to translate this traffic to your SBS server on the inside.  Normal port should be 443 for HTTPS.

Do you have the config of the old router documented?  It's not a straight swap of hardware.  You have to configure the new router to match the old.

Sonicwall firewalls have a 'public server wizard' that will walk you through steps for basic NAT.  But, you still need to know how your network and servers are setup.

DON'T try to do it manually if you don't understand.  I've seen to many NAT settings with any/any forwarding...meaning you've completely opened up an internal server to the public internet.
LVL 43

Assisted Solution

by:Steve Knight
Steve Knight earned 125 total points
ID: 39828398
basic troubleshooting...

PING name on internet -
If it doesn't work PING IP on internet, e.g.
If that works then you have comms to net.
Did that respond.  So you have comms but DNS is wrong.  Presumably PC talks to server for DNS as you say.

On Server, what do forwarders point to.  Can you PING them, Can you PING anything on the net?  Can you even ping the new router?

As you have replaced the router, even if it still on the same IP address then the server will have in it's arp cache the mac address of the old router.


arp -d x.x.x.x with IP of router

now can you ping it?
LVL 29

Expert Comment

ID: 39828427
You definitely seem to have differing configurations on each unit. You need to review what those differences are. What was the configuration before you installed the sonicwall the first time?

It sounds like you have been changing things of both the Cisco and the sonicwall, and are getting mixed up. Do you keep network documentation?
LVL 30

Expert Comment

ID: 39828496
SBS 2012?
Don't think there is such a product.
If it is SBS 2011,then try running the connect to the internet wizard.

Author Comment

by:Brent Johnson
ID: 39833715
I'm sorry, yes it is SBS 2011.  Okay, so the Sonicwall that we received, the wireless was defective so they sent us a replacement.  We received the replacement today and I exported all settings from the one we were using and imported them into the new one.  I go to plug in the new one, and once everything is connected, it gives me a similar DNS error, but this time it said something about how network cannot be connected due to dns server not responding.  It was basically the same error as before except this time it was worded differently.  I tried to add NAT settings, but it was telling me that duplicates exist and no others can be created.  I'm at a total loss of ideas on how this can be fixed.  Anyone have any ideas?
LVL 43

Expert Comment

by:Steve Knight
ID: 39833737
So as a matter of interest did you do any of the troubleshooting suggested above, i.e. forgetting dns for a minute what does and doeesnt work.


Author Comment

by:Brent Johnson
ID: 39833854
Yes, I did and I was not able to do anything because of this dns error.  No internet, no internal resources.
LVL 43

Expert Comment

by:Steve Knight
ID: 39834232
But my point was basic trouble shooting.... can you ping the router/firewall, can you PING next hop or anything internet beyond firewall by IP not DNS name, can you ping the dns forwarders you are pointing at (if any) from your DNS server etc....

If you can do any of this from workstation, can you do it from your SBS server that is acting as internal DNS server?
LVL 12

Expert Comment

ID: 39834340
do u have the cisco router, login into that and ump the config. see the setup, for dns forwarding etc.
LVL 25

Accepted Solution

Diverse IT earned 125 total points
ID: 39847241
Hi johnsonbrentw,

A couple of things could be going on here. First its always a good practice when transferring from an old device which has had configuration issues or any issues for that matter to configure the new device from scratch. Importing settings can simple carry the misconfig forward. So do a factory reset and start over.

Secondly, about the Exchange not working outside, this could be caused by enabling remote management on the SonicWALL and also having port 443 open for Exchange. Remote Management of the SonicWALL will always take precedence and therefore you should change the SonicWALL management port from 443 to 4443 or some other non-conflicting port.

You should be able to test straight from the SonicWALL to isolate it from being the issue once you have it setup again. Go to System > Diagnostics and next to the Diagnostic Tool: select Check Network Settings. Here it will test many critical connections from the SonicWALL outbound. Also you can select Ping from the menu and type in to see if it is resolving there first and foremost.

What is your SonicWALL model?

Let me know how if goes!
LVL 25

Expert Comment

by:Diverse IT
ID: 39848591
Glad I could help and thanks for the points!

Featured Post

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question