domain\ client sharing - DHCP problem

hello

i have setup a domain controller with static ip address

IP:10.0.0.1
SUBNET:255.255.255.0
GETWAY: 10.0.0.254

DNS:10.0.0.1

AND another server as a dhcp

with static ip
IP:10.0.0.2
SUBNET:255.255.255.0
GETWAY: 10.0.0.254

DNS:10.0.0.1

and scope
start with 10.0.0.5 to 10.0.0.240
subnet 255.255.255.0
dns 10.0.0.1
router 10.0.0.1 which is the getway
EXCLUDED IP START FROM 10.0.0.5 TO 10.0.0.10

the main problem is client can ping and access any shared folder in domain 10.0.0.1and log to domain normal without any problem
but the main domain can not access the client or ping but it can ping and access any folder in
dhcp server

really need help im studying the couse by my self so please any suggestion would be great full
and it would help a lot

Find more posts tagged with

Comments

sprkymrk

Why is your gateway address on the servers different than what you are assigning through DHCP to the clients? I would use the same gateway on the servers, 10.0.0.1, as you do on the clients.

rebelx

sprkymrk wrote:

Why is your gateway address on the servers different than what you are assigning through DHCP to the clients? I would use the same gateway on the servers, 10.0.0.1, as you do on the clients.

i tried to make client gateway the domain controller scene its works like a router to them
and server gateway modem

i'll try your solution now and i'll post the result thank you :P

i have reboot my syetem due to update

meadIT

Please post your ipconfig results on your client. Also, make sure that all of the firewalls are off until you can get connectivity, then you can go back and turn them back on.

dynamik

+1 for client firewall.

Just to clarify, an incorrect gateway IP won't affect LAN activities like pinging and accessing shared folders. I agree with Mark though, what's the point of setting things up like that? Are you running RRAS on your DC?

sprkymrk

dynamik wrote:

+1 for client firewall.

Just to clarify, an incorrect gateway IP won't affect LAN activities like pinging and accessing shared folders. I agree with Mark though, what's the point of setting things up like that? Are you running RRAS on your DC?

(Attempt to save face):
You are correct dynamik in this case, because of the subnet/mask used. In some cases though, where a LAN encompasses multiple subnets, it would affect it.
(Failed save, admits defeat)

However, I don't know how I missed my ususal "check the personal firewalls" answer. I guess being off last week has affected my ability to properly analyze a situation. Use it or lose it.... :P

rebelx

hi again

sorry for posting late GOT problems anyway

the gateway now the same in all os
the firewall shutdown

the SITUATION now is clients can view the shared folders on dhcp server and DC and can ping

DC, DHCP server can't view or ping clients

scope between 172.168.1.10 TO 172.168.1.240
excluded 172.168.1.10 to 172.168.1.15

here are the configurations i have on DC,DHCP,CLIENT

dc

dhcp

client

NOTE: using vistual pc 2007

any help would be greatfull

sprkymrk

Can the clients ping each other? Client--to--client?

Can the Dc ping the DHCP server and vice-versa?

It still sounds like a firewall is enabled on the clients. Either that or a network setting within VirtualPC.

rebelx

sprkymrk wrote:

Can the clients ping each other? Client--to--client?

Can the Dc ping the DHCP server and vice-versa?

It still sounds like a firewall is enabled on the clients. Either that or a network setting within VirtualPC.

CLIENTS can ping to each other

DC - SERVER can ping to each other

and the firewall turned off

which make me wonder why
and what do you mean network setting on the virtual pc if i may ask

and this is the second time i've intalled virtual pc even i thought there might be something wrong with the installation so i made a new install for all os's which is wrong but i don't have any idea why

macdude

Part of the problem that you could be having is the fact that your default gateway and your IP address of your domain controller at the same address.

Your gateway needs to be the address of your firewall and/or router and the domain conrtoller should be something different.

meadIT

macdude wrote:

Part of the problem that you could be having is the fact that your default gateway and your IP address of your domain controller at the same address.

Your gateway needs to be the address of your firewall and/or router and the domain conrtoller should be something different.

Not necessarily. Since his lab is set up in Virtual PC, he probably doesn't have a firewall or router set up. So the DC would also be the default gateway. This is how I set up all my Virtual Labs:

Main PC - 192.168.0.1 (ICS enabled)

DC - Nic 1 - 192.168.0.101 (allows my virtual network to use my PC's NAT to get out to the internet)

Nic 2 - 192.168.2.1 (This is the internal virtual network address and the default gateway)

DHCP settings:
IP Range: 192.168.2.10 - 192.168.2.254
Subnet : 255.255.255.0
Def Gateway: 192.168.2.1
DNS: 192.168.2.1

Other member servers get the 192.168.2.2 through 192.168.2.9 static addresses.

rebelx

macdude wrote:

Part of the problem that you could be having is the fact that your default gateway and your IP address of your domain controller at the same address.

Your gateway needs to be the address of your firewall and/or router and the domain conrtoller should be something different.

was from the beginning different each one has it's own address and the same issue still exist
and it could be different if im going to connect to a different router or different network
as long as it's locally may not cause a real problem

rebelx

meadIT wrote:

macdude wrote:

Part of the problem that you could be having is the fact that your default gateway and your IP address of your domain controller at the same address.

Your gateway needs to be the address of your firewall and/or router and the domain conrtoller should be something different.

Not necessarily. Since his lab is set up in Virtual PC, he probably doesn't have a firewall or router set up. So the DC would also be the default gateway. This is how I set up all my Virtual Labs:

Main PC - 192.168.0.1 (ICS enabled)

DC - Nic 1 - 192.168.0.101 (allows my virtual network to use my PC's NAT to get out to the internet)
Nic 2 - 192.168.2.1 (This is the internal virtual network address and the default gateway)

DHCP settings:
IP Range: 192.168.2.10 - 192.168.2.254
Subnet : 255.255.255.0
Def Gateway: 192.168.2.1
DNS: 192.168.2.1

Other member servers get the 192.168.2.2 through 192.168.2.9 static addresses.

um.. thank your for your reply but it's the same method also applied in my case

i'll try to change my ip address as yours
and give it a hit

meadIT

rebelx wrote:

meadIT wrote:

macdude wrote:

Part of the problem that you could be having is the fact that your default gateway and your IP address of your domain controller at the same address.

Your gateway needs to be the address of your firewall and/or router and the domain conrtoller should be something different.

Not necessarily. Since his lab is set up in Virtual PC, he probably doesn't have a firewall or router set up. So the DC would also be the default gateway. This is how I set up all my Virtual Labs:

Main PC - 192.168.0.1 (ICS enabled)

DC - Nic 1 - 192.168.0.101 (allows my virtual network to use my PC's NAT to get out to the internet)
Nic 2 - 192.168.2.1 (This is the internal virtual network address and the default gateway)

DHCP settings:
IP Range: 192.168.2.10 - 192.168.2.254
Subnet : 255.255.255.0
Def Gateway: 192.168.2.1
DNS: 192.168.2.1

Other member servers get the 192.168.2.2 through 192.168.2.9 static addresses.

um.. thank your for your reply but it's the same method applied also in my case

i'll try to change my ip address the same as yours
and give it a hit

Oh, I didnt mean for you to change your config to mine. I was just giving an example as to why your setup was correct.

meadIT

It still looks like a firewall issue to me. You can ping one way (Client to DC) but not the other way. Your clients can get to the DHCP server just fine because you have a provided IP address. I would double check that the firewall is turned completely off on each client. Maybe even disable the firewall in a Group Policy to make sure.

rebelx

meadIT wrote:

It still looks like a firewall issue to me. You can ping one way (Client to DC) but not the other way. Your clients can get to the DHCP server just fine because you have a provided IP address. I would double check that the firewall is turned completely off on each client. Maybe even disable the firewall in a Group Policy to make sure.

triple check firewall setting its really turned off in all client machines even on DC | DHCP

thank you for trying to help

meadIT

Can you post the results from the following commands to give us a little more info to help out?

From the DC:
ping 172.168.1.2
ping 172.168.1.16
route print

From the DHCP server:
ping 172.168.1.1
ping 172.168.1.16
route print

From Client 1:
ping 172.168.1.1
ping 172.168.1.2
route print

macdude

If you go to the client and go to my network places and browse can you see the servers? What about if you go to the servers can you see the other server and clients?

When you say you can't ping, are trying to ping by address or by name?