DNS & DHCP

[Frodo]

I have a win2k DC1 at headquater with DHCP & DNS configured.
Everything is working fine here.
IP range using 192.168.8.0/24

From Headquater to remote office is using VPN.
Tested the vpn connection is ok, DC1 can ping to DC2 & vice versa.


Setup another win2k DC2 at remote office and joined DC1(not a child domain).
As usual, configured dhcp & dns to serve the local clients.
IP range using 192.168.10.0/24
The DC2 at remote office can ping to external world as well as
to DC1.
However, all the clients at remote office unable to access to
internet and even cant ping to DC1.
Ping to DC2 is ok.

I tried to configure manual IP address,gateway and (dns & wins point to DC1)
everything is working fine. Whenever i switch to automatically get IP from
DC2, all become dead!!

Pls help, what am i missing here.

 

[Kevin D. Goodknecht [MVP]]

In

I have a win2k DC1 at headquater with DHCP & DNS configured.
Everything is working fine here.
IP range using 192.168.8.0/24

From Headquater to remote office is using VPN.
Tested the vpn connection is ok, DC1 can ping to DC2 & vice versa.


Setup another win2k DC2 at remote office and joined DC1(not a child
domain). As usual, configured dhcp & dns to serve the local clients.
IP range using 192.168.10.0/24
The DC2 at remote office can ping to external world as well as
to DC1.
However, all the clients at remote office unable to access to
internet and even cant ping to DC1.
Ping to DC2 is ok.

I tried to configure manual IP address,gateway and (dns & wins point
to DC1) everything is working fine. Whenever i switch to
automatically get IP from DC2, all become dead!!

Pls help, what am i missing here.

You say it works when you manually configure?
What options have you defined in DHCP?
You should have these options 003, 006, 015, 044, 046 are these options
configured with the correct addresses?
Is the DHCP server authorized in AD?

 

[Shane Brasher]

Hello All,

In addition to the server being authorized, does the DHCP logs show proper
addresses being handed out? Does an ipconfig from the clients show the
proper options?
Have you taken a netmon trace from the failed clients?

Shane Brasher
MCSE (2000,NT),MCSA, A+
Microsoft Platforms Support
Windows NT/2000 Networking

 

[Michael Johnston [MSFT]]

This sounds like DC2 is being authenticated on DC1 as a client VPN connection not a DOD router connection. The proper way
to configure this is to create DOD VPN adapters within RRAS. The DOD VPN adapters must match the name of the account
they will use to authenticate the connection. For instance, on DC2 and DC1 create DOD VPN adapters called VPN. Create
accounts on each server called VPN and grant this account the dialin right. Create static routes for each remote site and point
the static route to the newly create VPN adapter. Set one of the VPN adapters to persistent and leave the adapter on the other
server as DOD.

Thank you,
Mike Johnston
Microsoft Network Support
--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the
terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from
which they originated.