Internet Sharing

Discussion in 'Server Networking' started by M.I. Tabassum, Mar 12, 2005.

  1. I have a small network in office using Windows 2000 SP4 as PDC and Windows XP
    SP2 on all clients computers. There are 2 NICs in my server one is connected
    to clients locally and one is connected to BroadBand Internet service.

    Locally connected NIC have IP 192.168.0.1 and Internet one gets IP
    Dynamically from the ISP and I have Enabled the Internetsharing on that card.

    All Clients are set to recieve Dynamic IPs from the server and they ARE
    getting them properly in the series of 192.168.0.xxx. All clients are
    properly sharing everything on the Network as per setup in their Accounts BUT
    they all are failing to access the Internet ONLY.

    Kindly, Advise. Thanking in advance.
     
    M.I. Tabassum, Mar 12, 2005
    #1
    1. Advertisements

  2. M.I. Tabassum

    Todd J Heron Guest

    This error can occur because of a common DNS misconfiguration. We need more
    details on your setup. Can you please provide the following information:

    ->Output of ipconfig /all from a problem machines (an unedited version -
    please do not make any changes)
     
    Todd J Heron, Mar 12, 2005
    #2
    1. Advertisements

  3. First of all thankyou very much for your prompt reply sir. Actually here its
    late night and I am at home and not in office. But I try to tell you this
    ipconfig..

    On Server Machine it was

    Local Area Network Ehternet Card
    IP Address: 192.168.0.1
    Subnetmask: 255.255.255.0
    Default Gateway: 192.168.0.1

    Worldcall Cable
    DNS : worldcall.net.pk
    IP Address: Any IP Assigned by the ISP
    Subnetmask:255.255.255.0
    Default Gateway: Also assigned Dynamically by ISP

    On XP Workstation
    DNS: worldcall.net.pk (I think it was before mshome but i dont know its an
    ISP name now)
    IP Address: 192.168.0.xx
    Subnetmask:255.255.255.0
    Default Gateway: 192.168.0.1

    Please see if you can help or else will post ipconfig /all for all the
    machines on Monday.
    Thanks once again.

    Regards
     
    Muhammad Ismail Tabassum, Mar 12, 2005
    #3
  4. M.I. Tabassum

    Todd J Heron Guest

    Well I see that this is obviously a mistake:

    Local Area Network Ethernet Card
    IP Address: 192.168.0.1
    Subnetmask: 255.255.255.0
    Default Gateway: 192.168.0.1

    In the above, you have the IP address set to be the same as the default
    gateway or networking will not function. That looks like an obvious typo in
    your message. Secondly, for the clients, what "Preferred DNS server" are
    they set for under their TCP/IP Properties if so what is it exactly? You
    might want to wait until Monday before you answer so you can give all the
    correct information at once.
     
    Todd J Heron, Mar 12, 2005
    #4
  5. M.I. Tabassum

    Bill Grant Guest

    Hi Todd,

    The DG setting on the server LAN NIC is certainly wrong as you said.
    This will prevent LAN machines seeing the Internet. It should be blank.

    Did you notice the reference to a DC in the original post? And the
    clients pointing to an external DNS service in the later post? There are
    major problems with ICS running with AD (not least with DNS). He will need
    to point the clients to the local DNS and set up forwarding on that to the
    external DNS to get both local and "foreign" DNS working properly.
     
    Bill Grant, Mar 12, 2005
    #5
  6. M.I. Tabassum

    Todd J Heron Guest

    Bill, thanks for some reason I missed the reference to the fact there was a
    DC in the first post.
     
    Todd J Heron, Mar 12, 2005
    #6
  7. M.I. Tabassum

    Bill Grant Guest

    I am not even sure it will work at all with ICS. With RRAS/NAT, you
    can turn off the DNS proxy option so that it uses the local DNS. You can
    then set up forwarding on the local DNS and it works. I haven't tried it
    with ICS.
     
    Bill Grant, Mar 13, 2005
    #7
  8. M.I. Tabassum

    Todd J Heron Guest

    BG>I haven't tried it with ICS.

    I've heard you mention in the past that ICS isn't really compatible with AD
    as well and I see your point. Usually no one will install ICS (unless a
    home user) on a server and go instead with the more fully-featured RRAS and
    use the built-in firewall of that instead. But maybe a beginner will enable
    ICS just to get things going. Like you, I have never tested this scenario.
    It just isn't "corporate". Most small shops will leverage RRAS, ISA, or
    more commonly utilize third-party NAT/firewall solution. When the OP posts
    back on Monday, we can try to see what we can do for him though. He said he
    would check back in I hope he does.
     
    Todd J Heron, Mar 14, 2005
    #8
  9. First of all I am really grateful to both you gentlemen for taking interest
    in my problem. Following are the output of ipconfig/all for the server and
    for xp workstation:
    Windows 2000 Server (PDC):
    Windows 2000 IP Configuration



    Host Name . . . . . . . . . . . . : domain-server
    Primary DNS Suffix . . . . . . . : domain.townshendhomes.com
    Node Type . . . . . . . . . . . . : Hybrid

    IP Routing Enabled. . . . . . . . : Yes

    WINS Proxy Enabled. . . . . . . . : No

    DNS Suffix Search List. . . . . . : domain.townshendhomes.com
    worldcall.net.pk
    townshendhomes.com

    Ethernet adapter WorldCallCable:



    Connection-specific DNS Suffix . : worldcall.net.pk
    Description . . . . . . . . . . . : D-Link DFE-538TX 10/100 Adapter
    Physical Address. . . . . . . . . : 00-50-BA-5C-F0-3B

    DHCP Enabled. . . . . . . . . . . : Yes

    Autoconfiguration Enabled . . . . : Yes

    IP Address. . . . . . . . . . . . : 203.81.203.180

    Subnet Mask . . . . . . . . . . . : 255.255.255.0

    Default Gateway . . . . . . . . . : 203.81.203.1

    DHCP Server . . . . . . . . . . . : 192.168.4.3

    DNS Servers . . . . . . . . . . . : 203.81.192.17
    203.81.192.10
    Lease Obtained. . . . . . . . . . : Monday, March 14, 2005 9:11:23 AM

    Lease Expires . . . . . . . . . . : Monday, March 14, 2005 10:11:23 AM


    Ethernet adapter OfficeIntranet:



    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast
    Ethernet NIC
    Physical Address. . . . . . . . . : 00-00-1C-D2-EE-A8

    DHCP Enabled. . . . . . . . . . . : No

    IP Address. . . . . . . . . . . . : 192.168.0.1

    Subnet Mask . . . . . . . . . . . : 255.255.255.0

    Default Gateway . . . . . . . . . :

    DNS Servers . . . . . . . . . . . : 127.0.0.1

    Windows XP workstation:
    Windows IP Configuration



    Host Name . . . . . . . . . . . . : ismail

    Primary Dns Suffix . . . . . . . : domain.townshendhomes.com

    Node Type . . . . . . . . . . . . : Mixed

    IP Routing Enabled. . . . . . . . : No

    WINS Proxy Enabled. . . . . . . . : No

    DNS Suffix Search List. . . . . . : domain.townshendhomes.com

    worldcall.net.pk

    townshendhomes.com



    Ethernet adapter Local Area Connection:



    Connection-specific DNS Suffix . : worldcall.net.pk

    Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast
    Ethernet NIC

    Physical Address. . . . . . . . . : 00-EE-B2-02-46-9A

    Dhcp Enabled. . . . . . . . . . . : Yes

    Autoconfiguration Enabled . . . . : Yes

    IP Address. . . . . . . . . . . . : 192.168.0.177

    Subnet Mask . . . . . . . . . . . : 255.255.255.0

    Default Gateway . . . . . . . . . : 192.168.0.1

    DHCP Server . . . . . . . . . . . : 192.168.0.1

    DNS Servers . . . . . . . . . . . : 192.168.0.1

    Lease Obtained. . . . . . . . . . : Monday, March 14, 2005 9:26:31 AM

    Lease Expires . . . . . . . . . . : Monday, March 21, 2005 9:26:31 AM

    PS: domain.townshendhomes.com is my PDC domain name and worldcall.net.pk is
    my ISPs domain.
    Thankyou very much for your extreme cope so far.

    Regards,
     
    Muhammad Ismail Tabassum, Mar 14, 2005
    #9
  10. M.I. Tabassum

    Todd J Heron Guest

    Let's try some steps to resolve this problem. First, if you were to buy a
    broadband firewall/router, say a $80-$100 Linksys, and operate your server
    with just one network card, it would run a lot better and would be more
    secure, since it would no be directly exposed to the Internet. However,
    assuming that you want to make any hardware topology changes to your current
    network, I will try to help you.

    1) On the Windows 2000 Server (PDC), open the properties for Ethernet
    adapter WorldCallCable. Remove both DNS entries shown here (make them both
    blank):

    DNS Servers . . . . . . . . . . . : 203.81.192.17
    203.81.192.10

    2) On the Windows 2000 Server (PDC), open the DNS Management console (Start
    Properties > Forwarders tab. Add two entries for your ISP's DNS server
    here. 203.81.192.17 and 203.81.192.10. Click OK when finished. You can
    reboot the server when finished to ensure that all caches get flushed and
    DNS services restarted.
     
    Todd J Heron, Mar 14, 2005
    #10
  11. Hi Todd,
    Before making these changes I would like to mention here that the
    worldcall.net.pk and its DNS enteries are all Dynamically assigned and
    differes from time to time from ISP. In Configuration of the LAN card
    connected to ISP is all set getting things automatically. Please let me know
    if I still need to go ahead with the changed u mentioned. Thanks

    Regards,
     
    M.I. Tabassum, Mar 14, 2005
    #11
  12. M.I. Tabassum

    Todd J Heron Guest

    No, do not make any changes in that case. I went back to your last post and
    noted the external adapter is indeed dynamically assigned. Further, if you
    are indeed using ICS (Internet Connection Sharing) on the internal adapter
    "Ethernet adapter OfficeIntranet", then I believe it makes a "mini-DHCP"
    server and a "mini-DNS" server, which is not configurable IIRC. Can you
    confirm that you are running ICS?
     
    Todd J Heron, Mar 14, 2005
    #12
  13. Yes I have enabled ICS on Worldcallcable adapter in the Advanced Tab and that
    has set the Local Office Intranet adapter to 192.168.0.1. Please let me know
    if anything else unclear.
     
    M.I. Tabassum, Mar 14, 2005
    #13
  14. M.I. Tabassum

    Todd J Heron Guest

    Can you do this. On the Windows 2000 Server (PDC), open the DNS Management
    console (Start > Programs > Administrative Tools). Then, right-click
    domain-server > Properties > Forwarders tab. Add two entries for your ISP's
    DNS server here. 203.81.192.17 and 203.81.192.10. Click OK when finished.
    You can reboot the server when finished to ensure that all caches get
    flushed and DNS services restarted.
     
    Todd J Heron, Mar 14, 2005
    #14
  15. I am afraid i want be able to do that as in forwarders tab enable forwarders
    option is faded and it says forwarders are not available because this is a
    root server.

    thanx
     
    M.I. Tabassum, Mar 14, 2005
    #15
  16. M.I. Tabassum

    Todd J Heron Guest

    Inside of the DNS MMC, delete the "." zone. This will enable you to
    configure Forwarders.
     
    Todd J Heron, Mar 14, 2005
    #16
  17. Hi Todd,
    Luckily one local ISP System operator solved it. Was an old friend and
    this problem made us in contact after long time. Anyway I am really grateful
    to you on ur extreme cope regarding the matter and also to Bill for taking
    interest in solving my matter. Following are the changes he made and
    everything started working properly. Just for your future reference:

    He put Primay DNS Server and Alternate DNS Server for my PDC's NIC card that
    is Office Intranet to 203.81.192.10 and 203.81.192.17 respectively and
    everything back to normal.

    Still thankyou very much for ur kind cope. Have a good week ahead.

    Best Regards,
    M.I. Tabassum
     
    M.I. Tabassum, Mar 14, 2005
    #17
  18. M.I. Tabassum

    Todd J Heron Guest

    Hi M.I.,

    That may have solved the Internet browsing problem, but have you taken a
    look at any of your event logs lately? Because your server is an AD domain
    controller which is (1) multihomed, (2) has external DNS server entries in
    it's network adapter TCP/IP properties, and (3) is running ICS, I can bet
    that you have many "hidden" problems with it alluded to by your event logs.
    This is just FYI.
     
    Todd J Heron, Mar 14, 2005
    #18
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.