Solved

DNS setting changed by itself to 192.168.1.1 on some workstations ?

Posted on 2016-11-20
6
26 Views
Last Modified: 2016-11-22
People,

Can anyone here please assist me of what could be the problem here with my remote office issue?

Some workstations got their DNS server changed into 192.168.1.1 intermittently.

There is Windows DHCP server in the remote office that issue DHCP iP and DNS but not sure what's keep on changing it randomly.

Thanks in advance
0
Comment
  • 3
  • 2
6 Comments
 
LVL 3

Accepted Solution

by:
Sreejith Sugathan earned 334 total points
ID: 41895445
Try using a DHCP rogue detector tool to see if someone has configured a DHCP server somewhere in the network. Are you able to ping the IP address? Is it in the same range as your network is in?
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 41895446
The rogue DNS IP 192.168.1.1 somehow is different subnet than the current remote office IP address class.
0
 
LVL 3

Assisted Solution

by:Sreejith Sugathan
Sreejith Sugathan earned 334 total points
ID: 41895452
You can see if there are any other DHCP servers running in the environment  - the rogue checker download link is in the TechNet article below.

http://social.technet.microsoft.com/wiki/contents/articles/25660.how-to-prevent-rogue-dhcp-servers-on-your-network.aspx

Guess the best way forward if to rule out this first.
2
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 23

Assisted Solution

by:masnrock
masnrock earned 166 total points
ID: 41896362
I bet someone in that office connected a router to the network. Had an instance where someone basically tried to work around to get a switch via an office supply store, ordered a router by mistake, the connected it incorrectly. Not sure what type of switches you have, but if you are using managed ones, that could be the key to tracking down exactly where the rouge DHCP server it.
1
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 41896756
Thanks all for the response.

Yes, It is a rogue device detecte by the GUI DHCP roge detection tool.

now I will need to know what is behind this IP: 192.168.1.1
0
 
LVL 7

Author Closing Comment

by:Senior IT System Engineer
ID: 41897111
Thanks
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now