Windows 2000 AS and NAT... like we all aren't sick of it!

[Cervantes]

Hio;
Sorry to bug everyone again with another NAT question, but I'm at the end of my rope and I can't find a solution (so far).
Here's where I am:

Win2k Advanced Server
(want to use it for Active Directory, Domain, DNS, DHCP, NAT)
2 NICs, one for LAN, one for Cable Modem

I've set up my NIC to the cable modem (named "Shaw&quot for IP addy assigned by DHCP, and specified the Shaw DNS servers.

I've set up my NIC for the LAN (named "Dungeon&quot for IP 10.0.0.1, subnet 255.0.0.0, Preferred DNS server 10.0.0.1

I've set up DNS with the domain in the forward lookup zone, and deleted the "." zone. The only thing contained in the forward lookup zone is "charon.dungeon.local" (charon is the server name, dungeon is the domain name). That branch has the Dungeon domain in it, and that is in turn empty.

I've set up DHCP, scope 10.0.0.0, server options are empty.

I've set up Active Directory, added user names and computer accounts for all the computers in my house. Charon is set up as the domain controller.

The Domain Security should all be at default.

So here's where I'm at: I can do everything from the server without trouble... pinging, dns resolution, web surfing, etc.

When I boot a client, I get assigned an IP address. I successfully joined 2 machines to the domain while in testing (and before a reformat), however, now when I try to join a machine to the domain I get "Domain name not found". I've tried both "dungeon" and "dungeon.local".

On the client machines that are part of the domain, I can browse the local network and connect to other machines in the domain. When I ping an internet address by name, it resolves the IP but says "Destination host unreachable". It does the same when I try ping by the IP. When I try to go to a web page, it bounces back immediately with "The Connection was refused attempting to contact ...".

Sorry to be so verbose, but does anyone have any ideas? I'm reading up and researching, but I'm hoping someone has a simple "Hey, change this setting to this" solution. So far, I've heard "Configure a static route" and "Add an IP tunnel" and all sorts of other things, but none of them seem to be the right solution, though I may well have buggered up the attempt.

Please, save me!

 

[ricpinto]

Can you post the results of ipconfig/all for both the PC and the server?

Also try the following:

1. open DNS snap in and right click server then goto properties, tick "forwarders". Enter the ISP DNS ip address here.

2. Complete the DHCP scope so that it can supply the IP address of DNS and the gateway to the workstation (which is your server ipaddress for both).

Note: I will advise you to purchase a router (Linksys, D-link, SMC, Netopia, etc they are very cheap less than US$100) then enable the NAT and DHCP in it. This way even the server is down PC can still surf the Net and besides it will lessen the burden in your server doing routing/NAT/DHCP.

Diagram:

Internet->DSL modem ->router(DCHP/NAT)->Switch->LAN (PC and Server).

 

[Cervantes]

Thanks, I'll give that a shot when I get home. I'm pretty sure I've enabled the DNS IPs in Forwarders (although it may have gotten deleted in all my rummagings), but I haven't enabled the client DNS/Gateway in DHCP yet (or rather, again... amazing how much stuff you can disable at 3am, isn't it?)

And yes, I know a router would be an easy and painless solution... but then I wouldn't get the fun of long, sleepless nights, a network that doesn't work, and long painful headaches (that, and I'm stubborn)

Under TCP/IP-Advanced-DNS , which of "Append parent suffixes of the primary DNS suffix", "Register this connections addresses in DNS", and "Use this connections DNS suffix in DNS registration" should I have checked? Right now I believe I have all three, though I'm also told that it doesn't make much of a different to functionality.

I'll post IPCONFIG tonite.

Thanks a bunch!

 

[oceanid1]

you should configure your scope options ( router dns )
so that client machines been assignedip address dynamically can recieve the router and dns addresses
if you don't want to figure the scope options then you will need to staticly apply the dns address to the client machines remember to stopand start rras

 

[Cervantes]

Hey ya'll!
So I got the damn thing working, mostly. Setting the server as the DNS addy was half of it. I couldn't find where to set the default gateway in DHCP... can someone tell me? (yes, I feel like a dork, but it's really hiding from me... damn cold medication). I manually set the gateway on my clients, changed out a bad NIC card, and I'm rollin! I'm hoping to set up port rules shortly, but for now I installed an older copy of BlackIce to keep me (relatively) safe for a few days. If someone can point me to the gateway in DHCP, I'll be done with this thread.

Thanks!
Cerv

 

[ricpinto]

I'll give it a shot, open DHCP snap in, expand [+] the server, expand the scope, right click "scope option" / "configure option". On the General tab look/tick/double click 003 Router. Now you can see a box to put in the gateway ip to be used by the PCs, put it in. I believe you're done.

 

[Cervantes]

That's what I tried last night, but it didn't pick up (after restarting both server and clients). I thought I'd schmucked up and that wasn't the right option, but I guess I picked right and schmucked up the implementation. At least I know I was in the right place, now I can hunt through Google and see if I can figure out why it didn't propegate.

Thanks!

 

[ricpinto]

Have a nice Googling around . . . Just a reminder, make sure your DHCP server is "Authorize"

http://www.wown.com/j_helmig/w2kdhcpc.htm