Solved

DNS setting changed by itself to 192.168.1.1 on some workstations ?

Posted on 2016-11-20
6
24 Views
Last Modified: 2016-11-22
People,

Can anyone here please assist me of what could be the problem here with my remote office issue?

Some workstations got their DNS server changed into 192.168.1.1 intermittently.

There is Windows DHCP server in the remote office that issue DHCP iP and DNS but not sure what's keep on changing it randomly.

Thanks in advance
0
Comment
  • 3
  • 2
6 Comments
 
LVL 3

Accepted Solution

by:
Sreejith Sugathan earned 334 total points
ID: 41895445
Try using a DHCP rogue detector tool to see if someone has configured a DHCP server somewhere in the network. Are you able to ping the IP address? Is it in the same range as your network is in?
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 41895446
The rogue DNS IP 192.168.1.1 somehow is different subnet than the current remote office IP address class.
0
 
LVL 3

Assisted Solution

by:Sreejith Sugathan
Sreejith Sugathan earned 334 total points
ID: 41895452
You can see if there are any other DHCP servers running in the environment  - the rogue checker download link is in the TechNet article below.

http://social.technet.microsoft.com/wiki/contents/articles/25660.how-to-prevent-rogue-dhcp-servers-on-your-network.aspx

Guess the best way forward if to rule out this first.
2
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 20

Assisted Solution

by:masnrock
masnrock earned 166 total points
ID: 41896362
I bet someone in that office connected a router to the network. Had an instance where someone basically tried to work around to get a switch via an office supply store, ordered a router by mistake, the connected it incorrectly. Not sure what type of switches you have, but if you are using managed ones, that could be the key to tracking down exactly where the rouge DHCP server it.
1
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 41896756
Thanks all for the response.

Yes, It is a rogue device detecte by the GUI DHCP roge detection tool.

now I will need to know what is behind this IP: 192.168.1.1
0
 
LVL 7

Author Closing Comment

by:Senior IT System Engineer
ID: 41897111
Thanks
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now