DNS Problem ?

[Gavin]

Here is the problem I am having. I have a multihomed Server acting as an AD
DC, also using as VPN and Proxy. Config is as followes:

Nic1 - 192.168.1.1 DNS 192.168.1.1
Nic2 - 63.XX.XX.XX DNS 206.13.29.12 GW 63.XX.XX.XX
forwarding is setup in the DNS to point to 206.13.29.12

The problem is when I try and ping a public address it will time out. I can
ping the address on the server but not on any workstation. The workstations
can get on the internet through the proxy but does not seem to resolve any
intenet names.

Anyone have any suggestions? Is this a routing issue or DNS?

Thanks
Gavin...

 

[Michael Johnston [MSFT]]

Gavin,
The server should only point to itself for DNS. On the external adapter you will need to remove the 206.13.29.12 address. The forwarder you have configured
for the DNS service will handle external name resolution so this external DNS server entry isn't needed and may cause problems for clients authenticating to
the AD. As for the internal clients, they too need to point only at the internal IP address of your DNS server.

I need more information about the statement "The problem is when I try and ping a public address it will time out. I can
ping the address on the server but not on any workstation." Where are you pinging from? Does the server have Internet name resolution? If not, make sure
that the proxy has the proper packet filters open for the DNS sevice.

Thanks,
Mike Johnston
Microsoft Network Support
--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.

 

[Crazy]

In

Here is the problem I am having. I have a multihomed Server acting as
an AD DC, also using as VPN and Proxy. Config is as followes:

Nic1 - 192.168.1.1 DNS 192.168.1.1
Nic2 - 63.XX.XX.XX DNS 206.13.29.12 GW 63.XX.XX.XX
forwarding is setup in the DNS to point to 206.13.29.12

The problem is when I try and ping a public address it will time out.
I can ping the address on the server but not on any workstation. The
workstations can get on the internet through the proxy but does not
seem to resolve any intenet names.

Anyone have any suggestions? Is this a routing issue or DNS?

Thanks
Gavin...

What Proxy server are you using?
Do you have NAT installed?

 

[Gavin]

I can ping www. yahoo.com from my server that the proxy
is on, but when i try from a workstation on the network I
cant. Since the workstations go through the proxy they
have no problem accessing the internet, but they need to
get to a pop address for e-mail and they are timing out
when they ping, but I have no problem getting to that
address on the server?

Thanks
Gavin

-----Original Message-----
Gavin,
The server should only point to itself for DNS. On the

external adapter you will need to remove the 206.13.29.12
address. The forwarder you have configured

for the DNS service will handle external name resolution

so this external DNS server entry isn't needed and may
cause problems for clients authenticating to

the AD. As for the internal clients, they too need to

point only at the internal IP address of your DNS
server.

I need more information about the statement "The problem

is when I try and ping a public address it will time out.
I can

ping the address on the server but not on any

workstation." Where are you pinging from? Does the
server have Internet name resolution? If not, make sure

that the proxy has the proper packet filters open for the DNS sevice.

Thanks,
Mike Johnston
Microsoft Network Support

confers no rights. Use of included script samples are
subject to the terms specified at

http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all

responses to this message are best directed to the
newsgroup/thread from which they originated.

 

[Gavin Ross]

I am using ISA Server, and i do not have nat turned on.

 

[Crazy]

In

I am using ISA Server, and i do not have nat turned on.

If you are using ISA then by default ICMP packets are rejected on the
external interface(not a bad idea) you can enable ICMP but I'm not so
familiar with ISA to tell you exactly how to turn it on.