NAT problems with web sharing!
We have 5 clients running Win2k pro with static IP, Gateway (Server's IP), DNS (Server's IP). Also, our server runs Win2k server and it has active directory, domain and nat enabled. The problem is that when we try to access the web we can do that only from server! Is there a special way to configure the clients to ...
We have 5 clients running Win2k pro with static IP, Gateway (Server's IP), DNS (Server's IP). Also, our server runs Win2k server and it has active directory, domain and nat enabled.
The problem is that when we try to access the web we can do that only from server!
Is there a special way to configure the clients to have web access from server? Oh, server has the ISDN modem too!
Here are our server's info:
domain.company.com
ip 192.168.0.1
mask 255.255.255.0
dns 192.168.0.1
Here are our clients' info:
member of the above domain
ip 192.168.0.x
mask 255.255.255.0
gateway 192.168.0.1
dns 192.168.0.1
Also, I would like to note that pre-Active Directory and NAT time, we had plain workgroup access and ICS enabled. After the changes we have web access ONLY from server while everything else works like charm ;(
ANY help would be GREATLY appreciated! Thank you in advance...
The problem is that when we try to access the web we can do that only from server!
Is there a special way to configure the clients to have web access from server? Oh, server has the ISDN modem too!
Here are our server's info:
domain.company.com
ip 192.168.0.1
mask 255.255.255.0
dns 192.168.0.1
Here are our clients' info:
member of the above domain
ip 192.168.0.x
mask 255.255.255.0
gateway 192.168.0.1
dns 192.168.0.1
Also, I would like to note that pre-Active Directory and NAT time, we had plain workgroup access and ICS enabled. After the changes we have web access ONLY from server while everything else works like charm ;(
ANY help would be GREATLY appreciated! Thank you in advance...
Participate on our website and join the conversation
This topic is archived. New comments cannot be posted and votes cannot be cast.
Responses to this topic
As I wrote previously (maybe not that clear) all of our clients have dns of 192.168.0.1 and just that.
About the "can you get to external nameservers through it" that you replied, what do you mean? The clients can share files, printers, etc. with each other AND the server too! But the server does not share the internet connection to the clients... As for other servers we don't have in our company and we don't need to access other servers or clients outside our workgroup --other than the ISP's server that is
Thank you in advance...
About the "can you get to external nameservers through it" that you replied, what do you mean? The clients can share files, printers, etc. with each other AND the server too! But the server does not share the internet connection to the clients... As for other servers we don't have in our company and we don't need to access other servers or clients outside our workgroup --other than the ISP's server that is
Thank you in advance...
I'm sorry, I was in a rush and wasn't very clear. What I'm thinking is that your clients are not getting a web host resolved through DNS.
If you type http://64.124.237.148 into IE instead of www.download.com, does that work for your client computers? What I'm speculating on is that your clients are not getting an ip when a domain name is sent to the server. By changing the server to use active directory and use it's own DNS, it may only be resolving dns entries on the internal network for your clients, and not getting dns info from your isp to your client machines.
You could try something like I showed above from your client machines to test for this. Try pinging a domain, and if it does not work, try pinging the ip.
-Ry
If you type http://64.124.237.148 into IE instead of www.download.com, does that work for your client computers? What I'm speculating on is that your clients are not getting an ip when a domain name is sent to the server. By changing the server to use active directory and use it's own DNS, it may only be resolving dns entries on the internal network for your clients, and not getting dns info from your isp to your client machines.
You could try something like I showed above from your client machines to test for this. Try pinging a domain, and if it does not work, try pinging the ip.
-Ry
Hmmmm...
Just like Ryoko asked, can you ping to an outide IP like 192.5.41.40 but you can't ping tick.usno.navy.mil on the client machine?
If that's the case then you may have to reset your DNS to an outside source that works temporarily until you can resolve your DNS issues for the client machines.
If you can't ping out at all in either case on the client machine then most likely you may not have your ICS turned on or configured properly. Make sure you have your box checked to enable ICS in you network properties for your ISDN modem.
Hope that helps.
Just like Ryoko asked, can you ping to an outide IP like 192.5.41.40 but you can't ping tick.usno.navy.mil on the client machine?
If that's the case then you may have to reset your DNS to an outside source that works temporarily until you can resolve your DNS issues for the client machines.
If you can't ping out at all in either case on the client machine then most likely you may not have your ICS turned on or configured properly. Make sure you have your box checked to enable ICS in you network properties for your ISDN modem.
Hope that helps.
Indeed I can ping at any other external IPs through clients but when I type a web address at IE5.5 nothing is found ;( When I typed http://64.124.237.148 the browser worked for a second or two, found that the IP belongs to CNET and then... error!
Is there a way to fix this? I have NAT configured to Share the Internet Connection via a Dial-Up interface (ISDN) and as I wrote previously only the server has web access while the clients don't!
Thank you in advance...
Is there a way to fix this? I have NAT configured to Share the Internet Connection via a Dial-Up interface (ISDN) and as I wrote previously only the server has web access while the clients don't!
Thank you in advance...
Then your problem is DNS. You need to set up DNS server on that server (which should be set up if you have an Active Directory created on it). Go into the DNS MMC and right-click on the server, choose properties. Click the "Forwarders" tab and put in the IP addresses of your ISP's DNS servers.
What this does is make it so the DNS server on your Win2k Server will forward DNS requests for anything other than your own zone... it will forward those requests out to the ISP DNS servers to return the proper IP.
Incidentally, I wouldn't recommend using ICS for this kind of setup - you should look into doing it "the right way" with Routing and Remote Access... but tackle this DNS problem first
--Alexander
What this does is make it so the DNS server on your Win2k Server will forward DNS requests for anything other than your own zone... it will forward those requests out to the ISP DNS servers to return the proper IP.
Incidentally, I wouldn't recommend using ICS for this kind of setup - you should look into doing it "the right way" with Routing and Remote Access... but tackle this DNS problem first
--Alexander
I quickly browsed this post so forgive me if I missed something ...
I think you will have to set up RRAS if you are not using ICS. Once you configure RRAS (and probably DNS), you should not have any issues.
There has to be something running to 'bridge' the connection between both NICS. ICS does it automatically and RRAS will do it once configured.
Hope this helps.
I think you will have to set up RRAS if you are not using ICS. Once you configure RRAS (and probably DNS), you should not have any issues.
There has to be something running to 'bridge' the connection between both NICS. ICS does it automatically and RRAS will do it once configured.
Hope this helps.
The reason the browser worked for a second, and not completely is that initially it runs on the ip address. Then it gets forwarded to www.cnet.com which requires dns. You just need to get a forwarder set up. I believe someone posted how to do this above.
-Ry
-Ry
After some digging around with the Win2K server and based on this forum's helpful users I managed to fix the problem!
N.A.T. settings and not I.C.S. settings were OK from the start! The trouble was at the DNS settings and to be more specific, at the Forward Zone where we had a root server (.).
Anyway, I deleted it (. aka root) and everything worked like magic. Thanks everyone for your help and your precious free time
Thank you!
N.A.T. settings and not I.C.S. settings were OK from the start! The trouble was at the DNS settings and to be more specific, at the Forward Zone where we had a root server (.).
Anyway, I deleted it (. aka root) and everything worked like magic. Thanks everyone for your help and your precious free time
Thank you!
