DNS configuration Windows Server 2012 R2

Question

First of all I would like to say that my background is software development, saying that, I'm trying to help a friend set-up a small network in is office company. I have a windows server 2012 r2 that is AD/DC and DNS server, this machine as 2 ethernet boards one for intranet and another for internet access. I have configure the AD and all the pcs are connected to the domain I created. I have configure all of then to use the dns server as primary dns server. On the DNS server configuration I have added as forwarders the router ip that connects to the internet and also google public dns servers. The problem is that all the pcs on my intranet show the exclamation mark of no internet access, the only machine with internet is the server... I'm missing something?? Interesting thing for is that if I do a ping on machines inside the network it translate to the IP address but it times out... Can anybody give an hint.

    Server Ipconfig
Microsoft Windows [Version 6.3.9600]
(c) 2013 Microsoft Corporation. All rights reserved.

C:\Users\Admin>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : 11-SRV
   Primary Dns Suffix  . . . . . . . : florneema.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : florneema.local

Ethernet adapter Internet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : HP Ethernet 1Gb 2-port 332i Adapter #2
   Physical Address. . . . . . . . . : A0-1D-48-C7-04-61
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4917:e2e3:b9f:43d8%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 228597064
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-76-00-14-A0-1D-48-C7-04-60

   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Intranet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : HP Ethernet 1Gb 2-port 332i Adapter
   Physical Address. . . . . . . . . : A0-1D-48-C7-04-60
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::58b9:c0fe:7766:4152%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 211819848
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-76-00-14-A0-1D-48-C7-04-60

   DNS Servers . . . . . . . . . . . : ::1
                                       192.168.0.2
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{B07E05D2-9C60-4E99-B4DF-0AFF4370EFD7}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2F15F8C3-C634-4FE4-A762-4CF28A7CA25D}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes



Machine ipconfig
Microsoft Windows [Versão 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. Todos os direitos reservados.

C:\Users\utilizador>ipconfig /all

Configuração IP do Windows

   Nome do Anfitrião. . . . . . . . .: PC-1
   Sufixo DNS principal. . . . . . . : florneema.local
   Tipo de nó. . . . . . . . . . . . : Híbrido
   Rota IP activada. . . . . . . . . : Não
   WINS Proxy activado . . . . . . . : Não
   Lista de Pesquisa de Sufixos DNS : florneema.local

Placa de rede local sem fios Ligação de rede sem fios:

   Sufixo DNS específico da ligação. :
   Descrição . . . . . . . . . . . . : Qualcomm Atheros AR9485 Wireless Network
Adapter
   Endereço físico . . . . . . . . . : AC-B5-7D-E8-38-5A
   DHCP activado . . . . . . . . . . : Não
   Autoconfiguração activada . . . . : Sim
   Endereço IPv6 de local de ligação : fe80::7cf9:82d1:19d4:c5c3%12(Preferido)
   Endereço IPv4 . . . . . . . . . . . . . . : 192.168.0.3(Preferido)
   Máscara de sub-rede . . . . . . . : 255.255.255.0
   Gateway predefinido . . . . . . . : 192.168.0.2
   IAID DHCPv6 . . . . . . . . . . . : 313308541
   DUID Cliente DHCPv6 . . . . . . . : 00-01-00-01-1D-63-CC-DE-08-62-66-11-42-0C

   Servidores DNS. . . . . . . . . . : 192.168.0.2
   NetBIOS por Tcpip . . . . . . . . . . . . : Activado

Adaptador ethernet Ligação de Área Local:

   Estado do suporte . . . . . . . . : Suporte desligado
   Sufixo DNS específico da ligação. :
   Descrição . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Endereço físico . . . . . . . . . : 08-62-66-11-42-0C
   DHCP activado . . . . . . . . . . : Sim
   Autoconfiguração activada . . . . : Sim

Adaptador Tunnel isatap.{9523D4C1-969C-4247-A9C5-9C783630D31F}:

   Estado do suporte . . . . . . . . : Suporte desligado
   Sufixo DNS específico da ligação. :
   Descrição . . . . . . . . . . . . : Placa Microsoft ISATAP
   Endereço físico . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP activado . . . . . . . . . . : Não
   Autoconfiguração activada . . . . : Sim

I suspect this is more then likely a default gateway/routing issue. Can you post the contents of ipconfig /all from the server and the same from one of the pc/laptops — Drifter104, Sep 08 '15 at 16:37
Agreed. What are the clients using as their Default Gateway? Additionally, why is the server multi-homed? Why are you using one interface to connect to the internet and another to connect to the internal network? What ip address configuration do you have on the internet connected NIC? Multi-homing a DC goes against best practice and is likely going to cause problems, if it isn't already. — joeqwerty, Sep 08 '15 at 16:42
@joeqwerty my idea was to separate and control the internet access — Ruben Monteiro, Sep 08 '15 at 17:06

score 3 · Accepted Answer · answered Sep 08 '15 at 18:37

3

You should not be using your DC to separate your internal network from the Internet, that is the job of your router (or another border device such as a firewall). Best practice would be to configure all your devices on the same network (probably 192.168.1.0/24) using a switch.

If you are insisting on keeping your DC in between, you will need to configure it to NAT and route the 192.168.0.0/24 subnet so that the traffic can successfully leave and return.

answered Sep 08 '15 at 18:37

D34DM347

1,461
2
19
32

Thanks for all the replies, I know that what I'm doing is not best practice, but with what I have it is the only solution... I has able to solve with configure nat to route the traffic. – Ruben Monteiro Sep 09 '15 at 11:38

DNS configuration Windows Server 2012 R2

1 Answers1