?
Solved

DNS setting changed by itself to 192.168.1.1 on some workstations ?

Posted on 2016-11-20
6
Medium Priority
?
38 Views
Last Modified: 2016-11-22
People,

Can anyone here please assist me of what could be the problem here with my remote office issue?

Some workstations got their DNS server changed into 192.168.1.1 intermittently.

There is Windows DHCP server in the remote office that issue DHCP iP and DNS but not sure what's keep on changing it randomly.

Thanks in advance
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 3

Accepted Solution

by:
Sreejith Sugathan earned 1336 total points
ID: 41895445
Try using a DHCP rogue detector tool to see if someone has configured a DHCP server somewhere in the network. Are you able to ping the IP address? Is it in the same range as your network is in?
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 41895446
The rogue DNS IP 192.168.1.1 somehow is different subnet than the current remote office IP address class.
0
 
LVL 3

Assisted Solution

by:Sreejith Sugathan
Sreejith Sugathan earned 1336 total points
ID: 41895452
You can see if there are any other DHCP servers running in the environment  - the rogue checker download link is in the TechNet article below.

http://social.technet.microsoft.com/wiki/contents/articles/25660.how-to-prevent-rogue-dhcp-servers-on-your-network.aspx

Guess the best way forward if to rule out this first.
2
Plug and play, no additional software required!

The ATEN UE3310 USB3.1 Gen1 Extender Cable allows users to extend the distance between the computer and USB devices up to 10 m (33 ft). The UE3310 is a high-quality, cost-effective solution for professional environments such as hospitals, factories and business facilities.

 
LVL 30

Assisted Solution

by:masnrock
masnrock earned 664 total points
ID: 41896362
I bet someone in that office connected a router to the network. Had an instance where someone basically tried to work around to get a switch via an office supply store, ordered a router by mistake, the connected it incorrectly. Not sure what type of switches you have, but if you are using managed ones, that could be the key to tracking down exactly where the rouge DHCP server it.
1
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 41896756
Thanks all for the response.

Yes, It is a rogue device detecte by the GUI DHCP roge detection tool.

now I will need to know what is behind this IP: 192.168.1.1
0
 
LVL 8

Author Closing Comment

by:Senior IT System Engineer
ID: 41897111
Thanks
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question