[99Cookies]

Hi there,

I'm currently setting up a domain in my house with the server listed in my sig. I'm on windows server 2008 R2. Right now, I have a switch connected to my router (my router is a router AND a modem at the same time). On the switch, my server and my other computers are connected, and some are on the router.

For now, my server does the DNS and DHCP part of my network, but the firewall and NAT is done by the router. The problem I have, is whenever I join one of my computers to the domain of my server, I need to point that server as the default gateway, therefore they no longer have access to the internet. Despite that, everything else work, I can connect myself on a user created on the server.

So here's my questions;

1.Do I need to desactivate the router part of my router so it only provide an internet access? I have a spare ethernet card that I can put in my server so I was wondering if I should plug the server in the router and then the switch in my server and use the server as a gateway point and as a firewall/dns/dhcp/NAT provider instead of the router.

2.I have 2 1TB drives in raid 1 in my server, if I want to manage who in my network as access to which folder, do I need a domain for that?

3. What antivirus should I use for my server and what firewall should I use on my server to protect my network.

Thank you very much for reading! If you have any question on my problem, ask me !

 

[99Cookies]

Anyone?

 

[ipv89]

I think it would be best to use a stand alone router to receive your internet connection not a modem/router/switch.

question 2 you just need to set up access permissions for each user.

3. im not to sure i have limited experience and am still learning about servers I hope I have been of some help

 

[99Cookies]

But if I use a stand alone router, how can the users in my domain get internet if I have to point the default gateway on the server ?

Thanks for the reply

 

[airbozo]

Quote:

Originally Posted by 99Cookies

But if I use a stand alone router, how can the users in my domain get internet if I have to point the default gateway on the server ?

Thanks for the reply

I don't remember having to point my gateway to the 2008 server. Mine is pointed to the router/firewall. In fact here at work, the default gateway is the switch and not the domain controller.

 

[airbozo]

BTW: My router is still my dhcp server if that helps...

 

[particleman]

The way you describe your setup, it should work. I suspect you haven't configured something properly, can you ping your server from the computers that you are trying to join to the domain, either by hostname or IP address? Are you sure you disabled DHCP on the router? Is your server's IP set as the primary DNS server in the DHCP options?

 

[particleman]

Make sure that you change the primary dns server in your DHCP options to the IP of your server. You will also need to enable root hints or dns forwarders on your server if you want to be able to resolve internet hostnames (ie access the internet) after changing the primary dns server to your server.
Quote:

Originally Posted by airbozo

BTW: My router is still my dhcp server if that helps...

 

[99Cookies]

Quote:

Originally Posted by airbozo

I don't remember having to point my gateway to the 2008 server. Mine is pointed to the router/firewall. In fact here at work, the default gateway is the switch and not the domain controller.

The only way I managed my computer to connect to the domain was to point the gateway to the DC, otherwise it wasnt working

 

[99Cookies]

Quote:

Originally Posted by particleman

Make sure that you change the primary dns server in your DHCP options to the IP of your server. You will also need to enable root hints or dns forwarders on your server if you want to be able to resolve internet hostnames (ie access the internet) after changing the primary dns server to your server.

Yes, I've desactivated the DHCP on my router, and pointed my DC as the primary DNS provider. In the fowarder zone of my DNS I put the google DNS address for external connexions.

EDIT: I can ping my server with the computer connected to the domain, and I can access the files on the RAID 1 array. The only thing I cant do, is to go on internet. But if I then change the gateway of the computer for the modem/router, I now have access to the internet but lose access to the server's storage!

 

[particleman]

It sounds like you might not have dns forwarding configured properly. Follow the steps in this article:

http://www.adiscon.com/common/en/articles/configure-windows-dns-for-internet-access.php

"To view or modify the configuration, right click the server in DNS manager. Then, select "Properties" from the context menu. A new dialog appears. There, select "Forwarder":

If "Enable Forwarders" is checked, your DNS server will use the forwarders specified to resolve names it cannot resolve itself. Forwarder addresses are specified in the big listbox. In the above sample, there is a single forwarder with IP 172.16.0.1. Please note that forwarders need to be specified by IP address and not DNS name, as most probably your DNS server would not be able to resolve the IP address without using the forwarder - what would yield us to an endless loop.

In a typical setup, the DNS forwarders should be provided by your local Internet access provider. As DNS queries are cached, this will result in optimal performance. We recommend having at least two forwarders. If - as in the example - only a single forwarder is available, this is a single point of failure. If it goes down, no name resolution and thus Internet access is possible - even if the connection and all other servers are working perfectly well. Most ISPs provide at least two servers for their customers. If in doubt, ask!"

Also you want to leave your router as the default gateway, only the primary dns server should be pointing to your server.
Quote:

Originally Posted by 99Cookies

Yes, I've desactivated the DHCP on my router, and pointed my DC as the primary DNS provider. In the fowarder zone of my DNS I put the google DNS address for external connexions.

EDIT: I can ping my server with the computer connected to the domain, and I can access the files on the RAID 1 array. The only thing I cant do, is to go on internet. But if I then change the gateway of the computer for the modem/router, I now have access to the internet but lose access to the server's storage!

 

[Spacedinvader]

Quote:

Originally Posted by 99Cookies

Yes, I've desactivated the DHCP on my router, and pointed my DC as the primary DNS provider. In the fowarder zone of my DNS I put the google DNS address for external connexions.

EDIT: I can ping my server with the computer connected to the domain, and I can access the files on the RAID 1 array. The only thing I cant do, is to go on internet. But if I then change the gateway of the computer for the modem/router, I now have access to the internet but lose access to the server's storage!

If I'm understanding you right you're changing your network settings to get internet. Change the settings in IE (insert other browser) to point to the proxy address (in LAN settings in internet options)

 

[99Cookies]

If I don't put the server as gateway for my computer, it just doesn't want to connect to the domain. In fact, there's a window poping that says that it haven't found the domain controller on the server, and list my server name as nameofmyserver.modelofmyrouter.com instead of nameofmyserver.nameofmydomain.com ***! I'm pissed

 

[99Cookies]

anyone?

 

[ELeighK]

You're doing something wrong then because your default gateway should be your router and your DC should only be for your DHCP and DNS (and GPOs if you're using them). If you're statically assigning IP addresses are you making sure that everything is in the same subnet?

 

[jibesh]

Here is an example of how a typical small network should be configured.

Lets assume you are using the 192.168.1.0 range with a /24 subnet (255.255.255.0). Your domain controllers provide DHCP and DNS services.

Gateway/router: 192.168.1.1
Subnet: 255.255.255.0
Domain Controller 1 (DNS/DHCP): 192.168.1.10
Domain Controller 2 (optional) (DNS/DHCP): 192.168.1.20

Client:

IP: 192.168.1.100
Subnet: 255.255.255.0
Default Gateway: 192.168.1.1
DNS 1: 192.168.1.10
DNS 2: 192.168.1.20

Couple of things to check for:

On the DNS servers, make sure you have Forwarders enabled to your ISP's DNS servers or a public DNS server like Google DNS (8.8.8.8 or 8.8.4.4). Run the nslookup command on your client pc to verify addresses are resolving. i.e. nslookup google.com

Disable any DHCP or DNS services on the router.

Make sure the domain controllers are not providing any type of routing service and there is no switch that is providing any Layer 3 services either. Routing should be handled by the gateway/router.

Are you using any VLANs on your switch, servers or router (other than whatever default VLAN configuration your switch or router uses)?