1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Windows Server 2008 R2, no client internet access

Discussion in 'Tech Support' started by KID52, 1 Jul 2013.

  1. KID52

    KID52 Minimodder

    Joined:
    19 Aug 2007
    Posts:
    335
    Likes Received:
    6
    Seem to be having an issue with getting PCs to connect to the internet.

    Only a very brief explanation, and I'm sure more information will be required to diagnose the problem.

    Server has DNS and DHCP, IP is 192.168.2.11. Internet works on the server without issue.

    Router is 192.168.2.1 with DHCP forwarded to 192.168.2.11.

    Clients can connect to the router, and the server will give them an IP (above 100). Local names such as the domain, can be pinged, as can the server name/IP.

    When trying to ping "google.com", it returns the IP, however the requests time out. Tracert fails and times out.

    Any help on this would be greatly appreciated.
     
  2. Andersen

    Andersen Brain for hire

    Joined:
    25 Nov 2002
    Posts:
    1,021
    Likes Received:
    160
    Do "ipconfig /all" on clients and copypasta output here.

    Brainfart. Did you set up forwarders on DC?
     
    Last edited: 1 Jul 2013
  3. deathtaker27

    deathtaker27 #noob

    Joined:
    17 Apr 2010
    Posts:
    2,171
    Likes Received:
    149
    Hi,

    run a DCDiag on the server as administrator and post the results please

    check your clients for their DNS server settings, are they looking anywhere

    what options have you configured in your DHCP?

    Have you authorised your DHCP to your DNS (Probably not going to resolve this but good practise)

    Are you clients DNS names appearing on your server?

    + 1 for the forwarders above
     
  4. T2I3M

    T2I3M Minimodder

    Joined:
    13 Mar 2010
    Posts:
    163
    Likes Received:
    3
  5. KID52

    KID52 Minimodder

    Joined:
    19 Aug 2007
    Posts:
    335
    Likes Received:
    6
    Output is this

    Code:
    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
    
    C:\Users\Administrator>dcdiag
    
    Directory Server Diagnosis
    
    Performing initial setup:
       Trying to find home server...
       Home Server = ANBO-SERVER2
       * Identified AD Forest.
       Done gathering initial info.
    
    Doing initial required tests
    
       Testing server: Default-First-Site-Name\ANBO-SERVER2
          Starting test: Connectivity
             ......................... ANBO-SERVER2 passed test Connectivity
    
    Doing primary tests
    
       Testing server: Default-First-Site-Name\ANBO-SERVER2
          Starting test: Advertising
             ......................... ANBO-SERVER2 passed test Advertising
          Starting test: FrsEvent
             ......................... ANBO-SERVER2 passed test FrsEvent
          Starting test: DFSREvent
             There are warning or error events within the last 24 hours after the
             SYSVOL has been shared.  Failing SYSVOL replication problems may cause
             Group Policy problems.
             ......................... ANBO-SERVER2 failed test DFSREvent
          Starting test: SysVolCheck
             ......................... ANBO-SERVER2 passed test SysVolCheck
          Starting test: KccEvent
             ......................... ANBO-SERVER2 passed test KccEvent
          Starting test: KnowsOfRoleHolders
             ......................... ANBO-SERVER2 passed test KnowsOfRoleHolders
          Starting test: MachineAccount
             ......................... ANBO-SERVER2 passed test MachineAccount
          Starting test: NCSecDesc
             ......................... ANBO-SERVER2 passed test NCSecDesc
          Starting test: NetLogons
             ......................... ANBO-SERVER2 passed test NetLogons
          Starting test: ObjectsReplicated
             ......................... ANBO-SERVER2 passed test ObjectsReplicated
          Starting test: Replications
             ......................... ANBO-SERVER2 passed test Replications
          Starting test: RidManager
             ......................... ANBO-SERVER2 passed test RidManager
          Starting test: Services
             ......................... ANBO-SERVER2 passed test Services
          Starting test: SystemLog
             ......................... ANBO-SERVER2 passed test SystemLog
          Starting test: VerifyReferences
             ......................... ANBO-SERVER2 passed test VerifyReferences
    
    
       Running partition tests on : ForestDnsZones
          Starting test: CheckSDRefDom
             ......................... ForestDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... ForestDnsZones passed test
             CrossRefValidation
    
       Running partition tests on : DomainDnsZones
          Starting test: CheckSDRefDom
             ......................... DomainDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... DomainDnsZones passed test
             CrossRefValidation
    
       Running partition tests on : Schema
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Schema passed test CrossRefValidation
    
       Running partition tests on : Configuration
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Configuration passed test CrossRefValidation
    
       Running partition tests on : anbo
          Starting test: CheckSDRefDom
             ......................... anbo passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... anbo passed test CrossRefValidation
    
       Running enterprise tests on : anbo.local
          Starting test: LocatorCheck
             ......................... anbo.local passed test LocatorCheck
          Starting test: Intersite
             ......................... anbo.local passed test Intersite
    
    C:\Users\Administrator>
    They are looking at 192.168.2.11 I believe (the server). Do not have access to a client at the moment, so cannot check 100%, but I am confident this is the case and will confirm tomorrow morning.

    DNS servers: 127.0.0.1, 8.8.8.8 (I'm sure I had 192.168.2.11 instead of 127.0.0.1, not sure if it makes a difference, I would assume it does as it would mean the client is looking at itself as the primary DNS server?)

    Yes, this came up as a warning so I authorized it.

    Yes, I can see the DNS name of the client, eg PC-01, and their assigned IP address.

    Forwarders set to 8.8.8.8 and 8.8.4.4.

    Thanks for the replies, I quoted this one as it seemed to cover what was said in the other replies too.
     
  6. Andersen

    Andersen Brain for hire

    Joined:
    25 Nov 2002
    Posts:
    1,021
    Likes Received:
    160
    You should put the server's address as DHCP option for DNS, nothing else. Like below:

    [​IMG]
     
  7. workingclass

    workingclass What's a Dremel?

    Joined:
    17 May 2010
    Posts:
    246
    Likes Received:
    10
    Just to throw one thing in here... if you ping googles IP address and get a reply but not if you ping google.com then your problem is dns. Also looking at where your tracert fails is very informative.

    The reason local names succeed is because the clients send out local name resolution requests, then arp requests (local broadcasts) and these do not requires a DNS server present.
     
    Last edited: 2 Jul 2013
  8. Chairboy

    Chairboy I want something good to die for...

    Joined:
    10 Jun 2004
    Posts:
    1,773
    Likes Received:
    112
    Can't see if you said that you've set it, but does DHCP give out a gateway? (see the router option in Andersen's screenshot).

    This should be the IP of your router, not the server.
     
  9. deathtaker27

    deathtaker27 #noob

    Joined:
    17 Apr 2010
    Posts:
    2,171
    Likes Received:
    149
    you want the following options set:

    003 Default gateway
    006 ip address of the server for dns
    015 your domain suffix (eg: Contoso.com)
     
  10. Andersen

    Andersen Brain for hire

    Joined:
    25 Nov 2002
    Posts:
    1,021
    Likes Received:
    160
    To expand that...

    1: Set the server's network adapter to use your ISP's DNS servers
    Control panel -> network and sharing center -> manage adapters -> properties
    Note that server will still resolve local machine names
    2: add your ISP's DNS servers to forwarders under AD DNS (SS below), maybe others
    3: DHCP option 003 is the router's address
    4: DHCP option 006 is the server's address
    5: DHCP option 015 is domain name

    My forwarders setup, disregard two at top. You cant use them.

    [​IMG]
     
  11. Votick

    Votick My CPU's hot but my core runs cold.

    Joined:
    21 May 2009
    Posts:
    2,295
    Likes Received:
    99
    I'd space them out more tbh.. Else if one DNS provider goes down your waiting on 2 queries before you get a response form a working DNS server and your users will ring you complaining of slow page load times. :/

    [​IMG]

    Also I wouldn't

    You run into issues of the server being unable to see the domain. It should just be pointing to it's self or another server in the cluster. Good old 127.0.0.1
     
  12. saspro

    saspro IT monkey

    Joined:
    23 Apr 2009
    Posts:
    9,448
    Likes Received:
    276

    No, don't do that bit. You'll break AD. Forwarders are there for a reason.
     
    Votick likes this.
  13. Votick

    Votick My CPU's hot but my core runs cold.

    Joined:
    21 May 2009
    Posts:
    2,295
    Likes Received:
    99
    Exactly what my post above was on about :)
    Rep+
     
  14. Andersen

    Andersen Brain for hire

    Joined:
    25 Nov 2002
    Posts:
    1,021
    Likes Received:
    160
    Looks like I was wrong there. Oh well, live and learn.
     
  15. KID52

    KID52 Minimodder

    Joined:
    19 Aug 2007
    Posts:
    335
    Likes Received:
    6
    Thanks guys.

    Turns out it was a silly mistake, after reading the posts here, I had set the router IP being sent to the clients as the server IP, after changing it to the actual router IP, everything appears to work as it should!
     

Share This Page