DNS

Status
Not open for further replies.

dtk3

MIS
Feb 24, 2004
CA
Hello. I have configured a Win 2000 Server with DNS. Currently, users' PCs are pointed to the DNS server within their network settings. The Win 2000 Server seems to pass along the ISP DNS server IPs to the users, therefore allowing them to have access to the internet. I would like to disable this 'passing' so that our server does not give the PCs the ISP DNS IPs. I've looked around and can't figure out how to do this. Does anyone know?

Thanks!

DTK3
 
Are you using DHCP? If so, configure the DNS servers in the DHCP Server Options. Put the addresses of your internal DNS servers in there - Scope Option 006 DNS Servers.

If they are static IPs then just set them to use your own DNS servers.

Be aware your DNS may be configured to forward any unresolved requests to your ISP DNS servers anyway so they can still access the Internet.
 
If your workstations are set to your internal DNS servers only as preferred and alternate, or through the DHCP options, they will not seek queries from DNS servers on the Internet. They are forced to rely on your DNS servers for answers.

On the server...
In the forwarding settings, with your ISP's DNS servers placed as entries, set "Do not use recursion". This forces your DNS servers to only go to the ISP's DNS servers for a query answer, a bit safer than allowing your DNS servers to query any old DNS servers out on the Internet. Safer in the sense there are fake DNS servers, which could introduce virus code to your DNS servers.
 
Are you just trying to stop everyone from getting on the internet? If so and you are on one local network, remove their default gateway.

Network Admin
A+, Network+, MCSA 2000, MCSE 2000
 
Hello! Thanks for all the information. What I ended up doing is just taking out the gateway as was mentioned. Initially the PC still had a connection to the internet after taking the gateway IP out, so I had to go into DOS and delete the route table entry:

0.0.0.0 0.0.0.0 gateway IP users pc IP

Just in case someone else ever has this problem just open up DOS and type "route print". You should see something like the entry above. Then type "route delete 0.0.0.0" to take the entry out.

The internet should no longer work on that station.

Thanks again.

Cheers
DTK3
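
An added example (not part of any post in this thread): a small Python check that parses saved `route print` output and reports any 0.0.0.0 route still present, in the active table or under Persistent Routes. The sample output and its addresses are constructed, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample of `route print` output (addresses are made up).
SAMPLE = """\
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.50       1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
      192.168.1.0    255.255.255.0     192.168.1.50   192.168.1.50       1
Default Gateway:       192.168.1.1
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0      192.168.1.1       1
"""

def _is_ipv4(text):
    """True if text is a dotted-quad IPv4 address."""
    try:
        ipaddress.IPv4Address(text)
        return True
    except ValueError:
        return False

def find_default_routes(route_print_output):
    """Return (section, gateway) for every 0.0.0.0/0.0.0.0 route found."""
    section = None
    found = []
    for line in route_print_output.splitlines():
        stripped = line.strip()
        if stripped.startswith("Active Routes"):
            section = "active"
        elif stripped.startswith("Persistent Routes"):
            # Persistent entries are re-added at boot, so they matter too.
            section = "persistent"
        fields = stripped.split()
        # Route rows begin with destination, netmask, gateway (all IPv4).
        if section and len(fields) >= 4 and all(_is_ipv4(f) for f in fields[:3]):
            dest, mask, gateway = fields[:3]
            if dest == "0.0.0.0" and mask == "0.0.0.0":
                found.append((section, gateway))
    return found

def audit(route_print_output):
    """True when the station has no default route, active or persistent."""
    return not find_default_routes(route_print_output)

if __name__ == "__main__":
    for section, gateway in find_default_routes(SAMPLE):
        print(f"default route still present ({section}) via {gateway}")
```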
 
To be honest that's a pretty kludgy way of stopping internet access. There are much better ways out there. For example, putting in a decent cheap firewall, e.g. smoothwall, as your default gateway would be a much better idea.

As a sys admin you should have as much centralised as possible. Centralised = controlled!
 