none
How to setup Server 2012 to replace ISP cable modem

    Question

  • Hello All,

    I'm some what new to this so please be kind to me. I have a box running Windows Server 2012 and have added AD, DC, DNS. Now I need to setup DHCP for the domain and want the server to perform this function. The domain that is being replaced was set up so that the ISP's cable modem performed as the DHCP server because my employer's old IT tech did not know how to set it up, and I don't either but I'm not afarid to ask. I had the ISP turn off the DHCP on the modem, I can work on this while school is out so I have a few days to get this up and running. I have most of it set up but I can't figure out how I'm suppose to configure it. I have a static IP for the server from the ISP, along with the subnet mask, default gateway and DNS servers. What I can't figure out is how do I set this up so the clients can request an IP address from the server when the server is on a different subnet? Example:

    Machine IP = xx.xxx.xxx.xxx

    Subnet = 255.255.255.248

    Gateway = xx.xxx.xxx.xxx

    This IP scope that I plan on using is 192.168.xxx.xxx through 192.168.xxx.xxx

    How do I do this?

    Thanks for the help in advance!



    Friday, December 28, 2012 12:37 AM

Answers

  •  I called TW and told them to reactivate the DHCP on the modem until I can get a handle on this using my PC Lab, but the stupid modem up and died on them, they are sending a new one to me Monday. I love this job :->


    I agree with TW that you should let them activate the DHCP scope and configure the NAT and firewall until you get a handle on the situation. If you are not familiar with routing or NAT, it's not something you are going to fully understand in a few hours.

    Basically the 192.168.1.x is your Internal network. These addresses are known as privae addresses. 192.168.1.1 is the private address of your router. The router is what routes traffic between your internal network and the Internet. This is done by NAT.

    Your DHCP Scope is a range of addresses that will be given to client PC's that are connected on your internal network. These addresses are private addresses, they can range from 192.168.1.2 to 192.168.1.254.

    Your router have two Interfaces, one faces the private network, the other faces the public network. It's job is to manage traffic between the two. TW likely gave you the publlic address, subnet mask and gateway for the public interface. On the private interface, the router conencts to a swich which in turn conencts to your local PC's.

    Internet - Public IP < ROUTER> Private IP 192.168.1.1 - Local network Range 192.168.1.2-192.168.1.254


    Miguel Fra | Falcon IT Services, Miami, FL
    www.falconitservices.com | www.falconits.com | Blog

    Saturday, December 29, 2012 12:04 AM

All replies

  • 1. Please remove the IP from your example there, atleast XXX it out or enter a BS #.

    2. It sounds like you would need two nics. One to access the internet and the other for the internal network with an internal IP (192.168.xxx.xxx).  Does that server have two nics?  If so then we can proceed.


    Be kind and Mark as Answer if I helped.

    Friday, December 28, 2012 2:05 AM
  • Hi Chris,

    Sorry about the IP address stuff, didn't realize.  Anyway, yes I can set it up with two NIC's, I can run a cat5 connection to the cable modem port and then run a fiber connection to a NIC that I will install. The fiber connection would connect to our Cisco switch.

    Friday, December 28, 2012 12:06 PM
  • A DHCP server has to be on a network subnet for which it is handing out addresses.  So, yes, you could add another NIC and create another subnet and set up your DHCP service on that.  But, it is not a good idea to make your AD box into a router, which is what it appears you are trying to do.  And your subnet mask of 255.255.255.248 is way wacky, and will not work for 192.168.xxx.xxx addresses.  That would be a 255.255.0.0 subnet mask.

    Maybe if you give more detail about your desired configuration it would be easier to give you answers about how to get it set up.


    tim

    Friday, December 28, 2012 1:11 PM
  • The 255.255.255.248 was given to me by the ISP for the IP address they assigned to me. What I am trying to do is exactly what you said, I thought it was the correct way, having my one server do it all, AD, DC, DNS and DHCP. But I guess that is not correct.  I wanted to have control over DHCP because the ISP modem would continually get corrupted and I would have to call tech support and get it reset and they never seem to get it right, like lease times of 1 hour. I only have one server license so setting up multiple servers isn't an option.
    Friday, December 28, 2012 1:54 PM
  • You need to ensure is that you keep proper segmentation in place between your internal domain and the rest of the world (i.e. your ISP's modem onwards).

    Assuming you're running a relatively small shop, the easiest way to do what is just to buy a router to stick between your ISP's modem and your network, turn off its DHCP if it has it which will leave your own DHCP server allocating IPs, and configure the default gateway given out over DHCP to be the router.

    Friday, December 28, 2012 4:09 PM
  • Hello,  IMHO

    • Do not add another NIC. It will complicate things unnecessarily and create more problems with dual homing.
    • Do not add another subnet, you only need a single subnet.
    • The 255.255.255.248 is probably for your Public IP address not for your NAT

    You are getting a lot of advice, but without a clear understanding of your configuration it's going to be spaghetti on the wall. Please let us know:

    Did your ISP just disable DHCP or did they bridge the router?

    Is your ISP's router performing NAT and firewall functions?

    If your ISP router is bridged, you will needed to purchase a router. Setting up the server as a router using RRAS is a bad idea as Tim mentioned, since it's a DC.

    If your ISP router is performing firewall and NAT, then all you need to do is create a DHCP scope on your server that replaces the DHCP scope that was disabled on the router. For example, if the router handed out address 192.168.1.50-192.168.1.50 with a default gateway of 192.168.1.1 and DNS of 8.8.8.8 and 4.2.2.2, then you just need to copy these settings over to your Windows 2012 DHCP and authorize the DHCP server.


    Miguel Fra | Falcon IT Services, Miami, FL
    www.falconitservices.com | www.falconits.com | Blog

    Friday, December 28, 2012 4:31 PM
  • Did your ISP just disable DHCP or did they bridge the router?

    As far as I know they just disabled it.

    Is your ISP's router performing NAT and firewall functions?

    Not sure, is there a standard set-up for Road Runner business class modems?

    If your ISP router is performing firewall and NAT, then all you need to do is create a DHCP scope on your server that replaces the DHCP scope that was disabled on the router. For example, if the router handed out address 192.168.1.50-192.168.1.50 with a default gateway of 192.168.1.1 and DNS of 8.8.8.8 and 4.2.2.2, then you just need to copy these settings over to your Windows 2012 DHCP and authorize the DHCP server.

    When I spoke with the Time Warner tech's they gave me the static IP address to use with the server's NIC. Am I suppose to use those or the numbers from the Scope I create? My major source of confusion is that question. How do my clients get outside of my intranet? If DHCP is giving them 192.168.x.x and a gateway of 192.168.1.1, where is that gateway? When I build the scope, doesn't it have to match the static IP's octets? Man, this is really confusing the heck out of me and unfortunately my inexperience makes it difficult to explain what my questions are and no one local to call on the phone. I called TW and told them to reactivate the DHCP on the modem until I can get a handle on this using my PC Lab, but the stupid modem up and died on them, they are sending a new one to me Monday. I love this job :->


    Friday, December 28, 2012 7:32 PM
  • Not sure, is there a standard set-up for Road Runner business class modems?

    When I spoke with the Time Warner tech's they gave me the static IP address to use with the server's NIC. Am I suppose to use those or the numbers from the Scope I create? My major source of confusion is that question. How do my clients get outside of my intranet? If DHCP is giving them 192.168.x.x and a gateway of 192.168.1.1, where is that gateway? When I build the scope, doesn't it have to match the static IP's octets? Man, this is really confusing the heck out of me and unfortunately my inexperience makes it difficult to explain what my questions are and no one local to call on the phone. I called TW and told them to reactivate the DHCP on the modem until I can get a handle on this using my PC Lab, but the stupid modem up and died on them, they are sending a new one to me Monday. I love this job :->


    Hello Again,

    Find out from TW if they bridged the router or if they just disabled NAT.

    What's the IP address that they have you? Just post the first set of numbers, not the whole thing.


    Miguel Fra | Falcon IT Services, Miami, FL
    www.falconitservices.com | www.falconits.com | Blog

    Friday, December 28, 2012 11:34 PM
  •  I called TW and told them to reactivate the DHCP on the modem until I can get a handle on this using my PC Lab, but the stupid modem up and died on them, they are sending a new one to me Monday. I love this job :->


    I agree with TW that you should let them activate the DHCP scope and configure the NAT and firewall until you get a handle on the situation. If you are not familiar with routing or NAT, it's not something you are going to fully understand in a few hours.

    Basically the 192.168.1.x is your Internal network. These addresses are known as privae addresses. 192.168.1.1 is the private address of your router. The router is what routes traffic between your internal network and the Internet. This is done by NAT.

    Your DHCP Scope is a range of addresses that will be given to client PC's that are connected on your internal network. These addresses are private addresses, they can range from 192.168.1.2 to 192.168.1.254.

    Your router have two Interfaces, one faces the private network, the other faces the public network. It's job is to manage traffic between the two. TW likely gave you the publlic address, subnet mask and gateway for the public interface. On the private interface, the router conencts to a swich which in turn conencts to your local PC's.

    Internet - Public IP < ROUTER> Private IP 192.168.1.1 - Local network Range 192.168.1.2-192.168.1.254


    Miguel Fra | Falcon IT Services, Miami, FL
    www.falconitservices.com | www.falconits.com | Blog

    Saturday, December 29, 2012 12:04 AM
  • Is your ISP's router performing NAT and firewall functions?
    Not sure, is there a standard set-up for Road Runner business class modems?

    By default it will be performing NAT but you must check, if your router's been switched to bridged mode you currently have a massive security hole (though this is unlikely to be the case).

    When I spoke with the Time Warner tech's they gave me the static IP address to use with the server's NIC. Am I suppose to use those or the numbers from the Scope I create? My major source of confusion is that question. How do my clients get outside of my intranet? 

    Here's an article that might help: http://whatismyipaddress.com/private-ip - be sure to follow the link to 'What is NAT'. The numbers TW gave you will almost certainly be the external IP address details and are nothing to do with your DHCP scope.

    Here's how your clients get outside your network:

    • When the client boots (or its DHCP lease expires) it requests an IP address and associated details from the first responding DHCP server - in your case this would currently be the TW router, but it would move to your 2012 server
    • The DHCP server allocated it an IP address, list of DNS servers and a default gateway (you can see this be running 'ipconfig /all' on a client, you will see a line similar to "Default Gateway . . . . . . . . . : 192.168.1.1")
    • In short, when a client tries to connect to an external (internet) site, it will refer out through the default gateway

    If you move DHCP to your windows server, part of the configuration of that will be to specify the default gateway that gets given out to clients when the receive their IP address. Assuming you follow the advice in this thread and keep the physical router (therefore not applying the dual NIC solution) - this should remain the (static) IP address of your physical router which will probably be something like '192.168.0.1'.

    Saturday, December 29, 2012 2:30 PM
  • Thanks Everyone!  I'm suppose to get a replacement cable modem from TW on the 31st (Monday) and when it shows up I'm going to call them and have them configure it for DHCP and all. Then I'm going to do more reading and bugging the heck out of the forums until I get a good understanding of NAT's and DHCP and anything else I will need to know to get my network up and running correctly. I just wanted to let you know that I really do appreciate all of your instructions and help and that I'm not just running off like some people do and never let you know if the problem is fixed or not. I will be back after I get the modem set up and get the clients up for school. Thanks again!
    Saturday, December 29, 2012 8:04 PM
  • Good deal! We hope to hear from you again. Thank you for being a thoughtful forum user.

    Cheers


    Miguel Fra | Falcon IT Services, Miami, FL
    www.falconitservices.com | www.falconits.com | Blog

    Saturday, December 29, 2012 10:44 PM