External NIC keeps getting registered in internal DNS zone

Discussion in 'Windows Small Business Server' started by George Merriman, Aug 23, 2007.

  1. I have a two NIC SBS 2003 Premium server running Exchange and ISA 2004. I
    have it set up with two NICs, Internal and External. I have the "Register
    with DNS" checkbox unchecked in the IP properties dialog for both NICs. For
    some reason the external NIC keeps getting registered in the internal DNS
    zone, which causes problems with client Web proxies, etc. when they resolve
    the external IP address from an internal network segment. Is thyere a way to
    stop this from happening?
     
    George Merriman, Aug 23, 2007
    #1
    1. Advertisements

  2. Hi George,

    Only uncheck "Register with DNS" for the external NIC. The re-run CEICW.
    The re-check the NICs to make sure the "Register with DNS" settings for both
    NICs are correct. I assume your using static IP addresses (and in different
    subnets) for both NICs
     
    Merv Porter [SBS-MVP], Aug 23, 2007
    #2
    1. Advertisements

  3. Hello Merv,

    Unfortunately my CEICW database was corrupted as a result of following the
    advice of Microsoft CSS while trying to resolve another problem, and I'm not
    to keen to spend more money to get more bad advice.

    This is an ongoing problem, however, and I have heard your advice before.
    I've tried it back when my CIECW was still working, and it had no effect. In
    any case, the state of the "Register with DNS" checkbox does not change for
    either NIC. If I manually delete the DNS record for the external NIC the
    entry comes back again, usually after a few hours.

    My workaround is to make a HOSTS entry for the internal NIC on the machines
    that have problems--in particular, laptops that use DNS and automatic proxy
    discovery. It's the automatic discovery process that tends to get the
    external IP address from the resolver.

    I use static DNS for most of my non-portable network, and my external and
    internal networks are on separate subnets.

    --
    George Merriman
    See Factor Industry, Inc.


     
    George Merriman, Aug 24, 2007
    #3
  4. What error(s) are you getting when you try to run CEICW?
    Can you post an ipconfig /all for the server?

    --
    Merv Porter [SBS-MVP]
    ============================

     
    Merv Porter [SBS-MVP], Aug 24, 2007
    #4
  5. Hi, Merv,

    I dislike running CEICW in its present state because it often screws
    something up, but as I remember, it complains about improperly registered
    DLLs in certain functions.

    Here is the results from ipconfig /all:


    Windows IP Configuration

    Host Name . . . . . . . . . . . . : sfint
    Primary Dns Suffix . . . . . . . : sfi.local
    Node Type . . . . . . . . . . . . : Unknown
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : Yes
    DNS Suffix Search List. . . . . . : sfi.local
    sfi.extern



    Ethernet adapter Internal:

    Connection-specific DNS Suffix . : sfi.local
    Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
    Physical Address. . . . . . . . . : 00-11-25-57-C2-3B
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 10.2.2.2
    Subnet Mask . . . . . . . . . . . : 255.255.0.0
    Default Gateway . . . . . . . . . :
    DNS Servers . . . . . . . . . . . : 10.2.2.2
    10.2.0.5
    Primary WINS Server . . . . . . . : 10.2.2.2

    Ethernet adapter External:

    Connection-specific DNS Suffix . : sfi.extern
    Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
    Physical Address. . . . . . . . . : 00-11-25-57-C2-3A
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 10.3.0.11
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 10.3.0.1
    NetBIOS over Tcpip. . . . . . . . : Disabled



    PPP adapter RAS Server (Dial In) Interface:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
    Physical Address. . . . . . . . . : 00-53-45-00-00-00
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 10.2.0.30
    Subnet Mask . . . . . . . . . . . : 255.255.255.255
    Default Gateway . . . . . . . . . :
    NetBIOS over Tcpip. . . . . . . . : Disabled


    PPP adapter {2F433911-4832-426B-9F7B-8EB5F2DC0D33}:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
    Physical Address. . . . . . . . . : 00-53-45-00-00-00
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 10.4.0.20
    Subnet Mask . . . . . . . . . . . : 255.255.255.255
    Default Gateway . . . . . . . . . :
     
    George Merriman, Aug 24, 2007
    #5
  6. Because of the tight integration of the components of SBS (including ISA),
    it would be very helpful to get CEICW fixed. It may be as simple as
    re-registering the DLLs for CEICW:

    CD c:\Program files\Microsoft Windows Small Business Server\Networking\ICW
    Regsvr32 wizcert.dll
    Regsvr32 wizemail.dll
    Regsvr32 wizinet.dll
    Regsvr32 wizproxy.dll
    Regsvr32 wizrfire.dll

    As for your network setup, normally the internal NIC uses a 255.255.255.0
    subnet mask (rather than your 255.255.0.0 mask) since you can only have 75
    CALs. In addition, on the internal NIC, the DNS servers should put only to
    the internal NIC (10.2.2.2); the ISP's nameservers would then entered as
    forwarders (either using CEICW or in DNS | <youserver> | Properties | (all
    other DNS domains) Add ISP DNS Nameserver IPs). The DNS Server entry on the
    external NIC should point back to the internal NIC IP address (10.2.2.2).

    Two Nics, a static IP address, ISA, router
    http://www.smallbizserver.net/Default.aspx?tabid=266&articleType=ArticleView&articleId=76

    --
    Merv Porter [SBS-MVP]
    ============================
     
    Merv Porter [SBS-MVP], Aug 24, 2007
    #6
  7. he may have 75 users, each with many devices :)

    the PPP adapter {2F433911-4832-426B-9F7B-8EB5F2DC0D33}: has me interested,
    what's its function?

    What's at 10.2.0.5 ? (another server?)

    Go through http://support.microsoft.com/kb/292822
    Name resolution and connectivity issues on a Routing and Remote Access
    Server that also runs DNS or WINS

    The patches are not required, they are already part of the OS, but the
    regedits and other changes should be done.

    I don't like the bit in an earlier post 'I use static DNS for most of my
    non-portable network', someone bucking the system and wondering why they're
    getting into trouble :)


     
    SuperGumby [SBS MVP], Aug 24, 2007
    #7
  8. George Merriman

    Jeff Teel Guest

    Looks like a DNS server at 10.2.0.5

    DNS Servers . . . . . . . . . . . : 10.2.2.2
    10.2.0.5


     
    Jeff Teel, Aug 25, 2007
    #8
  9. Yes, but is it a local server? a router doing DNS proxy? the ISP's DNS?

    I can see that the server is looking to the IP for DNS, I want to know
    what's there and why the server is looking to it. :)

     
    SuperGumby [SBS MVP], Aug 25, 2007
    #9
  10. George Merriman

    Jeff Teel Guest

    Good points. Personally nearly all of the IP configuration looks confusing
    to me but maybe it's just me.

    Jeff

     
    Jeff Teel, Aug 25, 2007
    #10
  11. Hi, Merv,

    I've altered the DNS settings for my internal NIC to eliminate the pointer
    to my other DNS server on 10.2.0.5, and made sure that everything complies
    with the information in the link you site, and still no luck. Something is
    still registering the external address in the internal DNS soon after I
    delete the entry from DNS. I've tried both the 10.2.2.2 address and the local
    loopback address as the DNS for the server, with identical results.

    As for t he CEICW, I am still loath to try anything with it becasue of the
    trouble I've had in the past. In fact, one of the last times I tried to use
    it was at the suggestion of SBS CSS when trying to solve this same problem.
    After the CEICW screwed up the settings for the external NIC several times
    CSS suggested that I uninstall and reinstall the SBS tools, at which point my
    RWW site stopped responding and the dll errors started showing up for the
    CEICW. I've spent far to many hours on the phone with SBS CSS (at great
    expense to my management) trying to get the thing to work to ever want to
    touch it again. Has anyone ever figured out how to decode the CEICW error
    log? I know I have no idea what it is trying to tell me, and it seems no one
    at CSS has a clue either.

    As to the RAS interface the in ipconfig output: that is for a site-to-site
    tunnel to a branch office.

    Unless someone else has any other ideas about what is happening here I guess
    I'll just keep using the hosts file workaround for now. Other than this
    annoyance my network has been working like a charm for the last six months or
    so and I don't want to take the chance of screwing up something else.

    Thanks to all of you for your hel and suggestions.
    --
    George Merriman
    See Factor Industry, Inc.


     
    George Merriman, Aug 27, 2007
    #11
  12. Yiu might try posting the "icwlog.txt" file here and let us take a look at
    it. It should be here:

    C:\Program Files\Microsoft Windows Small Business Server\Support

    --
    Merv Porter [SBS-MVP]
    ============================

     
    Merv Porter [SBS-MVP], Aug 27, 2007
    #12
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.