Workgroup problems of server 2003

pts.
Tags:
DHCP
DNS
Microsoft Windows
Networking
Networking services
Tech support
I have a network of 10 computers: 9 Win XP & 1 server 2003 . I have enabled NAT on server 2003 for the purpose of sharing the Internet on all computers. The Internet is running well but all the computers can't access the server 2k3 machine from the workgroup and all the other computers are communicating with each other. I have configured them with static IP & gateway as IP of the NIC on server 2k3 internal. Also, DNS as provided by ISP.

Answer Wiki

Thanks. We'll let you know when a new response is added.

Hakimi … First you need to know if you can ping the server by IP address. If you can ping by IP but not by name then you have a DNS issue. Here is something very important:

You should never point your internal machines to an external DNS server through your ISP. You should actually install and run DNS on your 2k3 server and configure the DNS address of the ISP as a forwarder for your domain.

Internal machines will get their DNS queries resolved my your server (much faster than waiting to fetch it from an ISP) and your server will only go to the internet for records that it does not already have cached.

Look at this Microsoft link:

Discuss This Question: 5  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Mortree
    There is fair chance you duplicated IPs or misconfigured masks or other IP information on some of those workstations. For a small workgroup you are much better off to buy a $50 firewall box from BestBuy (or similar) and configure it for DHCP. I'd stick with NetGear or DLink boxes (Linksys sometimes sucks). The firewall box will let you play with Internet without endangering your server. If you have Internet problems you won't need to touch your server while working on that problem -- business continues. If the server is down you can still reach the Internet for technical information, etc. Plus ISPs occasionally change their DNS servers IPs. A firewall box will automatically distribute the new DNS server info to all workstations. Well cheaper boxes might need to be rebooted themselves. But new and slightly more expensive ones won't and they can have all sorts of neat features like site blocking by list (stop ads/etc. by subscriber list or manual entry). In the long run you may want to look at an old computer plus IPCOP.org freeware. But in any case you really don't sound like you know enough configuration and security to be attaching the Internet directly to your 2003 server -- which probably has lots of important stuff on it you don't wnat to lose.
    0 pointsBadges:
    report
  • Mortree
    Read the restrictions on ICS --no static addresses for workstations! ICS provides DHCP services which include where DNS comes from and everything else. Set network workstations to DHCP (get address automatically form network). http://support.microsoft.com/?kbid=324286 (I'd still consider getting an external firewall box rather than use your server. One less item to cause trouble and workload on the server.) But you can still have routing problems on your server because it is multihomed (Internet side network connection and workstation side network connection). The Internet side may be USB or other type but it is still a network connection. Basically misconfigured multihomed servers can get confused about which connection to use when sending out responses. Just because the workstation requested Internet (or files!) using the workstation side connection doesn't mean its response will properly return via the workstation side connection. If it doesn't the server reply is lost. This misconfiguration occurs in the routing tables. Unfortunately if you make a network configuration error then correct it (or just change your network config) -- the routing tables don't necessary folling in multihomed situations. Unfortunately vaguely related to how and why ICS does what it does. Mainly noticed via the chosen IP network range. http://support.microsoft.com/kb/220874/en-us AIPAP
    0 pointsBadges:
    report
  • Mortree
    P.S. ICS provides DNS caching proxy invisibly without full blown DNS setup.
    0 pointsBadges:
    report
  • Marcola
    You had not mentioned earlier that you were running Internet Connection Sharing (ICS). ICS is not necessary to use your 2k3 machine as a router to the internet but I totally agree that you need to install a firewall and make that your default gateway and not your 2k3 box. Doing NAT is great but only for the machines behind the 2k3 server. The outside interface of your server is still exposed if you are not using a firewall.
    0 pointsBadges:
    report
  • Mortree
    Actually use of ICS is an assumption on my part... because almost every consumer firewall box (netgear, DLink etc) in the last 5-7 years included NAT. In fact some cheap firewall boxes still rely on NAT as their sole "firewall" method. Any good modern firewall box will now include packet filtering/blocking rules as well -- and the best use stateful packet filtering (matching opening of inbound ports to outbound requests from machines inside the firewall). Thus Server 2003 is not likely needed for NAT, unless you are relying on the firewall features touted by DSL or cable modem (usually not actually very good) or using older low-end commercial routers. Commercial equipment especially Cisco be much more expensive and offers the option to reduce costs by breaking into very bare minimum features.
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following