Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
I have windows server 2003 os on one computer and xp pro on the others. I have a small network of about 5-7 computers. One computer is setup as a dc, dns server, dhcp server, app server and file server. now, the other computers on the internet are getting their ip adresses assigned by the dhcp server (on the server computer, not the router) and can see each other on the local network. On the other hand they cannot access the internet while the dc can. I am using public ip's through a bridged modem/router and using the dhcp server to distribute dynamic ip's within the network . dhcp and nat are disabled on the router. The server is setup with a static public ip and I might still use some of my public ip's on select computers on the network. On the server I have the public ip setup
statically. The setup on the server is as follows:
.ip address is that of one of my public ip's
.subnet mask is the set to the same on the server and the dhcp server range.dns servers are the actual server public ip and the ip's of the dns servers given to me by my isp
.the only difference really is the fact that the subnet mask given to me by the isp is different than the one given to me by the isp, but...
.one computer, that I am having receive its ip and dns information from the dhcp server on the dc can see the server on the network, but not the other computers. this one computer has the same subnet, dns, and gateway information as the other computers. The only difference from this computer to the others is that the others seem to be able to see everybody else on the network and access the internet while this one cannot access the internet ( the other computers are assigned dynamic ip's statically). Also the range of ip's I am distributing with the dhcp is in the same range as my public ip's while the computers assigned ip/dns/gateway statically have dynamic ip'assigned statically that are in the same range as the ip for the router..This is an odd situation for me because of the fact that the computers that have dynamic ip's assigned statically can access the internet without a hitch and can see each other...and normally cannot see the server or the computer that has its ip assigned dynamically by the dhcp server. At times though these computers have been able to see the server and access it and yet the server did not seem able to even see these other computers. I have always thought it was because the ip address on the server is one of my public ip's and the ip addresses on the computers with the statically assigned dynamic ip's is on a totally different range of addresses that are on the same range as the router ip ( which at the moment uses one of the standard router ip addresses: 192.168.1.1 or .whatever).
I have tried setting the gateway ip, i.e. the router ip, to be the same as the current ip of my router and this has not worked. Of course I still did have two other addresses set up as a secondary and tertiary addresses. The second and third addresses for the gateway in the dhcp setup were respectively, the ip I assigned to the dc and the gateway ip given to me by my isp.
I also tried putting in all of the available dns servers given to me by my isp. Since I have my dc setup as
a dns server the first dns address on the list is the one I assigned to the dc. The second and third are ip's given to me by my isp.
The computers that have statically assigned ip's only have the server ip as the dns server and no other dns ip's, yet they can access the internet. Also their gateway ip is the ip I received from my isp. This is what bothers me since my original setup through the dhcp used the same ip configuration as the computers I just mentioned in this paragraph and yet the computers assigned ip's through the dhcp cannot access the internet.
What am I missing? I have been told that I might need to change the routers ip address. Is that really necessary? Do I have to use one of my public ip's as the routers address or can I use any one address within the same range as the addresses the dhcp gives out? I've also been told thatI should enable nat. Well, I need to have nat disabled at least on the router so that I can actually make use of my public ip's. If I do need to enable nat, maybe I can enable nat on the server. Would that possibly solve my problem?
Any other suggestions are welcome.
wow long post there....
.... I take it you have the server behind the router?
.... then why does it have a public IP?
1. configure the router with your public IP info on the WAN side.
2. set a static IP on the server for your LAN.
IE.. router 192.168.1.1
server 192.168.1.2
subnetmask 255.255.255.0
gateway 192.168.1.1
dns 192.168.1.1 (if dns is configured on the server)3. reconfigure you DHCP scope.....
scope range 192.168.1.100 - .???
dns = server IP
0 
You will want to forward the DNS server (192.168.1.2) to your ISP's DNS servers. This way, your DNS handles all requests inside the local zone (LAN) and forwards requests outside the local zone (internet) to your ISP's DNS for resolution.
0
I'll try to respond to everybody's posts.
Yes, the server is behind the router/dsl modem.
It has a public ip because as far a I know, in order for me to be able to access my server from elsewhere I need to have public ip's. Eventually I want to host a website on my server and an ftp site and for these reasons as well, I believe I would need public ip's.
I'm not quite sure what you mean by me configuring the router with my public ip info on the wan side.
The router's address is still one of the standard default router ip's. Are you saying that I need to have the router on the same range as the one given out by the dhcp?
Cause the statically assigned computer don't have the router's ip address assigned anywhere and they can still access the internet along with any other computers on the network with the same address range. At times though these statically assigned computers were able to see the server and the dhcp assigned computers and access them. Most of the time though they cannot.
You have the server ip, the router ip and the dhcp range all in the same range of ip's. Does that make a difference? Cause I can just try to change the ip of the router.The situation then is that the computer's that have the ip's assigned statically can access the internet and the only dns server that is setup on those is the dc's ip address.
As for the dns foward lookup, since the statically assigned computers can access the internet and they only have the dc's ip assigned as a dns server, then is the foward lookup zone the issue.
does this shed more light on the problem?
or am I just missing it entirely?thanks for the help so far
0
Questions:
1) Are your clients able to access the internet right now?
2) What DNS address do the client PC's have in their setup and where are they getting it (ie: DHCP, static)?
0
you dont want your server on a public IP.
thats how hackers find it and take advantage of it.
WAN = wide area network = internet side of the router.
LAN = local area network = your internal network
After its setup properly to access the server from the outside you will simply forward the correct ports to the server through the router.
0
the dhcp clients cannot access the internet but can access the shared resources on the server, ie they can see the server in network places and access shared folders.
the static clients can access the internet but cannot access the server, see it in network places or access shared resources from the server.
The dhcp clients have three dns servers setup in the dhcp scope, which when I run ipconfig on the clients that information is there; and they still can't access the internet. primary dns is my server, secondary and tertiary are isp dns servers.
Now for the statically assigned clients the only dns server I listed on their tcp/ip configuration is my server, nothing else; and they access the internet just fine.
****************************************
Now, I have been told that I should have my server setup with a static ip. But if I do not use one of my public ip's for the server then how do I use my public ip's? Can the dhcp and dns server be set up using a static private ip? How about my ftp and web server? I would think they do need a public ip. Now can I set up public ip's for those server roles while having a private ip set up statically for the server itself?
Cause that was one of the issues I had earlier, the nat could not be disabled on my previous linksys router and so my public ip's were being translated into one private ip for the whole of my lan.
Now with the router/modem in bridged mode all my public ip's come right through and when I make a request out the ip that goes out as the one that made the request is the ip of the computer that made it. also, since I want to host my own web site I believe I do need to use a public ip and have the isp's dns servers point to my public ip when the get a request for the website name. In that situation especially I do belive I would have to have a public ip.
Which brings me back to a question I made earlier in this post.
Can I have the server's ip be a private one and set up a public one just for its web server role?
0
First off NAT = network address translation.
Your router should be doing NAT. (public to non public IP's/diferent subnets.) thats what NAT is for.
Take the router out of bridged mode.
lets go back over my post and add in Curt R's post here, and add in some notes.
...........
wow long post there....
.... I take it you have the server behind the router?.... then why does it have a public IP?
1. configure the router with your public IP info on the WAN side. (internet side)
2. set a static IP on the server for your LAN (plugged into local network side of router)
IE.. router LAN Side 192.168.1.1
server 192.168.1.2
subnetmask 255.255.255.0
gateway 192.168.1.1
dns 192.168.1.2 (if dns is configured on the server)3. reconfigure you DHCP scope.....
scope range 192.168.1.100 - .???
dns = 192.168.1.2 (only DNS you need, your server handles the DNS for the clients)
.........now add in the good info from Curt R.
....
You will want to forward the DNS server (192.168.1.2) to your ISP's DNS servers. This way, your DNS handles all requests inside the local zone (LAN) and forwards requests outside the local zone (internet) to your ISP's DNS for resolution.(This is in your forward lookup zone)
......
Now for some new info!!
Port forwarding in the router...
Lets say your router has a WAN IP... 216.216.216.216
Your ISP/DNS host should be pointing everything to that IP.... 216.216.216.216...
Now I take it you have 1 server? so I will use the above 192.168.1.2.
in the router port forward port:
80 - 192.168.1.2 --- For a web server.
21 - 192.168.1.2 --- For your FTP
3389 - 192.168.1.2 --- For RDP (nice for remote admin)(this is the default port for terminal server)
25 - 192.168.1.2 POP3 If your running exchange(and people pop off mail)
110 - 192.168.1.2 SMTP If your running exchangeTry the above and you will find everything works... May take 24-48 hours for the DNS for your web and FTP to filter through the internet once you have the host correct it.
0
I apologize if I am frustrating you guys, like I said, at least to me this has been a difficult problem to solve.
Now, thank you for the explanation but I did already know what NAT meant. I don't doubt that what you posted would work, but I hesitate to do that because in your examples you use just private ip's. If you are saying that I should not use public ip's at all I ask you why?
From what I understand, using nat on the router would mean that any request sent by any client or the server, to the internet would look like one ip, I don't know if I am remembering correctly but I believe that to be my gateway ip ( Which I also assume to be what you are referring to as Wan ip, if not please if you could explain further). And according to the port fowarding you asked me to set up on the router any request back would go through the router to the server, which would then distribute that request to the appropriate client using its dhcp server role.Now by that rationale I don't really need public ip's. But that begs the question; Why would somebody need public ip's then?
At the moment I have a few to use and would like to know if there are any advantages to having them, otherwise I might just give them back and stick to private ip's, especially since everything seemed to be working fine before and is very buggy now.The reason I ask all this is also because I want to be able to do it either way, with public or private. I may be wrong, but don't many businesses own some public ip's and would therefore have to deal with similar problems as I face now, but often in a much larger scale. If I'm right on that then all I am doing is trying to prepare myself to at some point be able to set that up for some business, maybe even other than my own and get paid handsomely for my results.
So once again, I apologize if I seem to be hammering a point you feel is irrelevant. As you can see, it is not irrelevant to me and I would be very thankful if you would just indulge me and help me find a solution either way.
Thank you very much for your help so far
0
My god man.... Go to a networking class!!!
Your WAN IP is the Public IP provided to you from your ISP. (The gateway they provide you is a router on their network)
Large businesses have more then one public IP for many reasons.... Multiple web servers, terminal servers, ftp servers and such. Multiple locations. You will find out most of these companies will also have large Cisco routers that can have more then 1 public IP assigned to it, and can programmed to handle NAT, port forwarding, and all other network traffic depending on what IP the traffic comes in on.
So yes you need at least 1 public IP.
In your case you don’t seem to know much about NAT, subnets, port forwarding. First thing you learn about “subnets”….
Different subnets are used so that you can separate networks on the same infrastructure. So you could have a network at 192.168.2.? and a network at 192.168.1.? on the same switch, and they cant see each other! (would need a good switch for this… prefer a 3 layer)
Now the problem you are experiencing with PC’s not seeing the server is subnets! Your server is on a public (lets say) 216.216.216.216 with subnet 255.255.255.??? your network is getting DHCP IP’s 192.168.1.???? with subnet 255.255.255.0.
…. See an issue there???? I do…. 192.168.1.??? with a subnet 255.255.255.0 … means only talk to PC’s in the 192.168.1.??? range…… Well how the heck can they talk to your server then???
Do the above and you will find it works.
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
