DHCP and NAT

Status
Not open for further replies.

DMZ

MIS
Apr 30, 2002
8
NZ
I'm trying to share internet connection thru my LAN at home with NAT. The problem is, NAT works only if I disable the server's DHCP and DNS services and use NAT's built-in DHCP and DNS. Since the server is a domain controller I require these services to be on the server for my network to function properly. If anyone could please help me with this situation I would greatly appreciate it.
 
hmmm very strange... it should work when enabling DNS & DHCP as well...

I would try this:
Disable RRAS, reboot your server
set up DHCP & DNS and reboot your server again
Make sure DNS & DHCP are working well
Enable RRAS and set it up for NAT :

Right click on RRAS in MMC, and choose 'enable Routing & Remote Access'
Select 'manual configuration' and click next until the setup has completed
After completion, right click on 'general' under the IP routing section, and choose 'New Routing Protocol'
Choose NAT from the list

Right click on 'Network Address Translation' under the IP routing section, and choose 'new interface'
All the interfaces, both logical & physical are listed here
First, select your public interface (= the interface that has a public internet IP)

Set this interface to 'public interface connected to the internet' and check 'translate TCP/UDP headers'
Do the same for the internal interface, and set its properties to 'private interface connected to private network'

Right click 'Network address translation (NAT)' and choose properties
Go to the address translation tab, and make sure the checkbox 'automatically assign IP addresses by using DHCP' is DISABLED
In the tab 'Name resolution', make sure everything is disabled as well.

Now go to the DNS snap-in in mmc, right-click on the local server name, and choose properties
Go to the forwarders tab, and enable forwarders
Fill in the address of the DNS server of your ISP, and click OK

Restart your server

Client configuration : if your clients have a fixed IP, make sure the default GW is pointing to your RRAS server, and that the DNS server is pointing to the RRAS server as well (by using the forwarder, your RRAS server will be able to resolve all names, including internet addresses...)
If your clients are using DHCP, make sure the DHCP scope options are assigning the IP address of your RRAS server as default gateway, and that the IP address of the DNS server is pointing to your RRAS server as well...

Try to ping to 209.73.180.2
Try to do a tracert to 209.73.180.2
Try to ping to
If these 3 tests work, then you will be able to surf the internet.
(make sure your IE is not using a proxy server when it's not needed)

Good luck

Peter Van Eeckhoutte
peter.ve@pandora.be
 
Thank you for helping me. However I am unable to enable forwarders. This check box is not enabled because this is a root server.
 
I removed the root zone out of the DNS and I added in the Primary and Secondary DNS servers of my ISP in the Forwarders. However my clients are still not getting translated. There seems to be a problem with my DNS server
since I do not have the records for:
_msdcs
_sites
_tcp
_udp

The event viewer says:

Event Type: Warning
Event Source: NETLOGON
Event Category: None
Event ID: 5773
Date: 4/29/2001
Time: 5:02:13 PM
User: N/A
Computer: SERVER
Description:
The DNS server for this DC does not support dynamic DNS. Add the DNS records from the file '%SystemRoot%\System32\Config\netlogon.dns' to the DNS server serving the domain referenced in that file.
Data:
0000: 2c 23 00 00 ,#..

I have tried to repair the Active Directory DNS record registration by:
netdiag /fix and rebuilding the zones.

I am still stuck. Any other suggestions?
 
I reinstalled my whole system and got my domain controller working perfect this time. But I still need to know how to add my ISP's DNS servers to the forwarders since I have to be a root server. Thanks.
 
Simply delete the . root zone,
restart your server,
and you will be able to enable forwarders...

Good luck

Peter Van Eeckhoutte
peter.ve@pandora.be

 
Ok, I did this. All it will do for the client computers is resolve IP host names vice versa. I can't ping, tracert, or anything else.
 
Can you try it from your server ?
Make sure the server itself has no default gateway set
Make sure that the default gateway on the clients is pointing to the internal NIC of your server...
Then try it again...


PS: Is your server already resolving public internet addresses as well?

Peter Van Eeckhoutte
peter.ve@pandora.be

 
Yes internet is working for the server.
There is no default gateway on the server.
There is no default gateway address set for the clients because they obtain their configuration via DHCP.

PS: When I added in the forwarders to my ISP dns, the clients could resolve internet names such as however I was not able to ping them.

PSS: After deleting the (.) my event viewer displayed errors saying no domain controller found. I reinstalled it all once again.

I will be trying to get WinGate to work however I had little luck the last time I tried.
 
Can you try it with a client using fixed IP, fixed gateway?

Peter Van Eeckhoutte
peter.ve@pandora.be

 
No, using static IPs is too much of a hassle.
I finally figured out how to use my WinGate, so I'll just have to use that. Thanks anyways.
 
If I need to start setting up static configuration I'm not going to use NAT.

I just got WinGate to work thru my LAN. It's annoying setting up all the programs to use it but it works great!! Thanks for the help, sorry you couldn't resolve the issue with my NAT. Bad NAT!
 
Peterve,

Just wanted to say thanks. I was having the same problems getting NAT to work on my test server and my client. Same problems DMZ was looking at.

I did pretty much everything you were discussing and it worked just great!!!

The only thing I can recommend though, is to look at what your DHCP scopes are at this point. I noticed that my DHCP scopes were only pointing to the 10.0.1.1, etc. but when I set up the new scope with 192.168.0.1 through 192.168.0.254 everything seemed to come together.

Thanks for the help, even if it was indirect!

J.R. Juiliano
Information Systems Specialist
Tri-City Emergency Medical Group
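
Added example, not part of the original thread: a small Python check of the client-side settings that Peter's client-configuration advice and J.R.'s scope observation both come down to. The lease values, the RRAS internal address 192.168.0.1, and the names `check_lease`, `SAMPLES` and `codes` are assumptions made for illustration.

```python
import ipaddress

def check_lease(lease, rras_ip):
    """Compare one client's DHCP lease with the thread's advice: default
    gateway and DNS server should both be the RRAS server's internal IP."""
    findings = []
    rras = ipaddress.ip_address(rras_ip)
    # Subnet the client believes it is on, from its leased address and mask.
    net = ipaddress.ip_interface(f"{lease['ip']}/{lease['mask']}").network

    if rras not in net:
        findings.append(("SCOPE_MISMATCH",
                         f"scope {net} does not contain RRAS address {rras}"))

    router = lease.get("router")  # DHCP option 003 (Router)
    if not router:
        findings.append(("NO_GATEWAY", "lease has no default gateway"))
    else:
        gw = ipaddress.ip_address(router)
        if gw not in net:
            findings.append(("GATEWAY_OFF_SUBNET", f"{gw} is outside {net}"))
        elif gw != rras:
            findings.append(("GATEWAY_NOT_RRAS", f"{gw} is not the RRAS server"))

    dns = [ipaddress.ip_address(d) for d in lease.get("dns", [])]  # option 006
    if rras not in dns:
        findings.append(("DNS_NOT_RRAS", "DNS list lacks the RRAS server"))
    return findings

# Constructed sample values; none are taken from the posters' machines.
RRAS_INTERNAL = "192.168.0.1"
SAMPLES = {
    "good": {"ip": "192.168.0.50", "mask": "255.255.255.0",
             "router": "192.168.0.1", "dns": ["192.168.0.1"]},
    "no_gateway": {"ip": "192.168.0.51", "mask": "255.255.255.0",
                   "router": None, "dns": ["192.168.0.1"]},
    "old_scope": {"ip": "10.0.1.20", "mask": "255.255.255.0",
                  "router": "10.0.1.1", "dns": ["10.0.1.1"]},
}

def codes(name):
    """Finding codes for one named sample lease."""
    return [code for code, _ in check_lease(SAMPLES[name], RRAS_INTERNAL)]

if __name__ == "__main__":
    for name, lease in SAMPLES.items():
        for code, msg in check_lease(lease, RRAS_INTERNAL):
            print(f"{name}: {code}: {msg}")
```

The `no_gateway` sample is one configuration in which names still resolve through the on-link DNS server while pings to internet addresses fail, because the client has no route off its own subnet.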
 
Great, thanks !

Good luck to everybody!

Peter Van Eeckhoutte
peter.ve@pandora.be

 