DNS not working/installing properly?-Server08R2

[damarious25]

Setup: Modem>Server08R2>Router>PC's

I have set up domain services and joined my PC's to the domain, added DHCP with a valid scope, but DNS won't work. I have the official academic course material on Server08R2 and watched this detailed video. DNS seems to install properly but when I try to connect my PC's to the internet I get a DNS not active or something along those lines. This is my first time setting up a network through Windows Server so be nice.

Server08R2 normal PC which meets well more then min requirements. 2 NICs. Do the connections have to be bridged? I didn't think so but real application is a lot different then VM labs to learn Server08!!!

Modem (from ISP with built in router) = WAN automatic. wireless/off, DHCP/off. Straight DSL in and an ethernet to NIC1 in. NIC2 out to cisco wrt320n (not configured, still at defaults). I've given NIC1 a static IP with a gateway to the modem and a loop-back for a DNS. NIC2 has also been given a static IP.

This is where I'm stuck. I can get PC's to join the domain but I cant get the domain controller's DNS to work so the PC's can connect to the internet. This is my home network so quick replies are appreciated. Please ask me for whatever info you need to help me solve this.



Thanks!

 

[StarTrek4U]

That's because you have a router between your server and your PCs, the correct setup would be:

Modem -> Router -> Your Internal Network (which means both the server & Clients plug into the Router or Switch)

You absolutely DO NOT want your server box directly connected to the internet, if it isn't already compromised it will be soon.

You can make your Server to DHCP and DNS if you want just make sure your router doesn't.

 

[Private Citizen]

Did you setup forwarders in the DNS settings? You need this because your DNS server cannot resolve the names of the millions of different domain names on its own. It needs help from the internet's DNS servers. Also you need to allow outbound port TCP port 53 through the firewall and this includes Win2008 built in firewall if it is on too.

 

[jdetmold]

That's because you have a router between your server and your PCs, the correct setup would be:

Modem -> Router -> Your Internal Network (which means both the server & Clients plug into the Router or Switch)

You absolutely DO NOT want your server box directly connected to the internet, if it isn't already compromised it will be soon.

You can make your Server to DHCP and DNS if you want just make sure your router doesn't.

what he said
also it really is just like a vm lab if you think about it the same.
in the vm lab you have a virtual switch, your server and guests are all connected to it.
then you usually have a physical firewall/router connecting your vm system to the internet.

in the real world this would be a real switch or your routers integrated switch connect everything there then set your forwarders in your server dns and shut off dns & dhcp on your router. that will provide firewall for your network and rout between wan and lan. your server will provide dns dhcp (dhcp is optional if you want your router to handle that then just forward dns to your server in your routers dhcp settings)

 

[C7J0yc3]

Can you only do internal lookups or does that not even work?

Also as others have said everything needs to be behind the WRT320n. Make sure that the DHCP services are turned off, and have the DNS forwarders pointed one to your ISP's DNS and the other to your internal DNS. Then go to your 2008R2 server and check to make sure that you have DNS forwarders to external DNS zones so that windows can actually do lookups.

 

[damarious25]

Hey everyone! Thanks for all the help.

I've had the wrt320n sitting around forever but haven't used it before. I've always just used my ISP modem with built in router for local file sharing. What I was trying to accomplish with all this was to properly setup Windows ADDS in a perimeter network with modem>server>router>clients but my networking skills are far to amateur so I did as everyone said and changed the hardware to modem>router>server/clients.

I ran into a number of issues though. The default IPs for my Modem and Router had different host addresses; ie 192.168.2.1 and 192.168.1.1. I thought I had to change those so they could communicate with static IPs. After the change the only way I could edit any settings was to directly connect an ethernet cable from either device to my laptop and enter their new static IPs (with the same host addresses ie; 192.168.5.1 and 192.168.5.2) but still had problems. I couldn't figure out how to get my static Router to connect to my static Modem. I even found an option on my Router to use PPPoE (which was already used on my modem)... That led to some phone calls to my ISP when I couldn't get any internet even after hard resetting my modem.

Overall at that time I could get a domain setup and have my home clients join the domain but couldn't get anything to connect to the internet. I thought it was issues with server 08 DNS but it was because of my errors trying to setup static IP connections between the Modem and the Router. It then dawned on me to allow DHCP between my Modem and my Router so my Router would use any given IP to get internet and then I could disable my Routers network DHCP. That would give me (working) internet on my server so dcpromo could properly create a domain and automatically setup DNS; afterwards I would then setup DHCP, create a user and - boom- mission accomplished. I didn't get that far.

A friend of mine is travelling and relying on my machine for some file shares so because of all the issues I decided to abandon the project until my friend is back in the area. I allowed DHCP on my modem and router and edited all my machines connections. Now everything is back to normal with an added (now working) router and all server 08 R2 roles uninstalled. I will try again in a few weeks to set it all up again but for now:

One last issue. With all my dcpromos windows server has switched my default administrator account to a new one and I'm not sure how to get it back? ---- SOLVED:
http://support.microsoft.com/kb/324734