Computers can't find domain controller when connected to the internet

    Question

  • Hello, I just recently switched from ATT to xfinity, and with that I had to redo my static IP addresses for my Active Directory Domain.  I had 3 client machines connected to the domain and it worked without a problem on my ATT router, but now, even with new IP addresses in the xfinity router range, the clients can only be re-added to the domain when the ethernet cable providing internet access is not connected to the network switch.  I know it must have something to do with DNS, but I am not sure what.  I have set the default gateway of the client machines to the IPv4 address of the domain controller, and they can see the domain on a local connection with no internet access.  Any help would be appreciated.  Thanks in advance.
    Sunday, April 16, 2017 10:19 PM

Answers

  • The two IPv6 DNS coming from router (Comcast DNS) are problematic.

    2001:558:feed::1

    2001:558:feed::2

    I'd try turning off IPv6 in router if possible. Worst case uncheck it in protocols on client network connection properties.

    Or another solution is to put your own personal NAT router in between xfinity and your domain.

    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.


    • Edited by Dave PatrickMVP Sunday, April 23, 2017 12:39 PM
    • Marked as answer by pootie2 Monday, April 24, 2017 6:05 AM
    Sunday, April 23, 2017 12:24 PM

All replies

  • I have set the default gateway of the client machines to the IPv4 address of the domain controller

    Default gateway should be set to the router address. The DC and clients both should have the static address of DC for DNS only, no others such as router or public DNS. If you need more help then post the text output of an unedited ipconfig /all of DC and problem client.

    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.




    Sunday, April 16, 2017 10:25 PM
  • Just curious, do only your DNS clients not work, or do you lose connection to the whole network? I had a similar issue where the users connected to the Internet using VPN; they lost access to DNS and the domain, mostly because of the new routing table of the VPN client. This could be fixed by adding a static IP route.


    Mahdi Tehrani | | www.mahditehrani.ir

    Monday, April 17, 2017 4:58 AM
    Moderator
  • Hello, I just recently switched from ATT to xfinity, and with that I had to redo my static IP addresses for my Active Directory Domain.  I had 3 client machines connected to the domain and it worked without a problem on my ATT router, but now, even with new IP addresses in the xfinity router range, the clients can only be re-added to the domain when the ethernet cable providing internet access is not connected to the network switch.  I know it must have something to do with DNS, but I am not sure what.  I have set the default gateway of the client machines to the IPv4 address of the domain controller, and they can see the domain on a local connection with no internet access.  Any help would be appreciated.  Thanks in advance.

    If the DNS is AD-integrated, the client's DNS IP needs to be set to the DC IP address, and the gateway to the correct router IP address.

    Also run "ipconfig /all" to check the configuration, and run "tracert" to trace the connection steps.


    This posting is provided AS IS with no warranties or guarantees, and confers no rights. Best regards Burak Uğur

    Monday, April 17, 2017 2:01 PM
  • Hi,

    I am checking to see how things are going there on this issue. Please let me know if you would like further assistance.

    Best Regards,
    Eve Wang

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, April 18, 2017 6:38 AM
    Moderator
  • Yes, I would. I just tried reconfiguring my IPs on my clients and have had no luck.  Attached I have the results from ipconfig /all on the domain controller.  Just to clarify, the clients can see the DC when I disconnect the Ethernet cable from my router to the switch where my DC and clients are connected.


    Saturday, April 22, 2017 1:31 AM
  • The DC should have its own address (10.0.0.100) for DNS and no others such as router or public DNS, so remove the Comcast DNS addresses from the network connection and replace them with 10.0.0.100.

    Clients also need to have domain DNS only on connection properties.

    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.


    Saturday, April 22, 2017 1:38 AM
  • Yes, I would. I just tried reconfiguring my IPs on my clients and have had no luck.  Attached I have the results from ipconfig /all on the domain controller.  Just to clarify, the clients can see the DC when I disconnect the Ethernet cable from my router to the switch where my DC and clients are connected.


    Your DNS resolves over IPv6, but it needs to resolve over IPv4, so you should modify the protocol bindings and network provider order:

    https://technet.microsoft.com/en-us/library/cc732472%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

    Then the DC needs to point to itself as primary DNS; just set the DC's DNS setting to its own IP address (10.0.0.100). Then run "ipconfig /flushdns" and "ipconfig /registerdns". Finally, check that the necessary records update correctly.


    This posting is provided AS IS with no warranties or guarantees, and confers no rights. Best regards Burak Uğur

    Saturday, April 22, 2017 3:28 PM
  • I have changed the DNS address of the domain controller to its IPv4 address (10.0.0.100), and I still have the same error.  I ensured that the clients have their DNS set to 10.0.0.100, which they are.  Please keep in mind that this exact setup worked just fine on my previous AT&T internet plan (obviously with different IP addresses).  Here are updated screenshots:
    • Edited by pootie2 Sunday, April 23, 2017 7:48 AM
    Sunday, April 23, 2017 7:46 AM
  • The two IPv6 DNS coming from router (Comcast DNS) are problematic.

    2001:558:feed::1

    2001:558:feed::2

    I'd try turning off IPv6 in router if possible. Worst case uncheck it in protocols on client network connection properties.

    Or another solution is to put your own personal NAT router in between xfinity and your domain.

    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.


    • Edited by Dave PatrickMVP Sunday, April 23, 2017 12:39 PM
    • Marked as answer by pootie2 Monday, April 24, 2017 6:05 AM
    Sunday, April 23, 2017 12:24 PM
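
    A read-only check for the condition described in the answer above, as an added example that is not part of the original thread: it lists every DNS server each connected adapter is using over IPv4 and IPv6, flags any that is not the DC, shows whether IPv6 is bound, and confirms the DC locator SRV record resolves through the DC. The address 10.0.0.100 comes from the thread; the domain name `corp.example` is a placeholder assumption.

```powershell
# Added example: audit which DNS servers a domain member will actually query.
# 10.0.0.100 is the DC address from the thread; 'corp.example' is a
# placeholder (assumption) for the AD DNS domain name.
$DcDns  = @('10.0.0.100')
$Domain = 'corp.example'

# List every DNS server on each connected adapter, for both address families.
$adapters = Get-NetAdapter | Where-Object Status -eq 'Up'
$findings = foreach ($nic in $adapters) {
    foreach ($family in 'IPv4', 'IPv6') {
        $cfg = Get-DnsClientServerAddress -InterfaceIndex $nic.ifIndex -AddressFamily $family
        foreach ($server in $cfg.ServerAddresses) {
            # fec0:0:0:ffff::1..3 are the defaults Windows lists when no IPv6
            # DNS server was configured or learned; they are not from the router.
            if ($DcDns -contains $server)             { $verdict = 'OK (DC)' }
            elseif ($server -like 'fec0:0:0:ffff::*') { $verdict = 'Ignore (Windows default)' }
            else                                      { $verdict = 'NOT the DC' }
            [pscustomobject]@{
                Adapter   = $nic.Name
                Family    = $family
                DnsServer = $server
                Verdict   = $verdict
            }
        }
    }
}
$findings | Format-Table -AutoSize | Out-String

# Is IPv6 bound on each adapter (the checkbox in connection properties)?
Get-NetAdapterBinding -ComponentID ms_tcpip6 |
    Select-Object Name, Enabled | Format-Table -AutoSize | Out-String

# The DC locator record must resolve when the query is sent to the DC itself.
$srv = "_ldap._tcp.dc._msdcs.$Domain"
foreach ($dns in $DcDns) {
    try {
        Resolve-DnsName -Name $srv -Type SRV -Server $dns -ErrorAction Stop |
            Where-Object Type -eq 'SRV' |
            Select-Object Name, NameTarget, Port | Format-Table -AutoSize | Out-String
    } catch {
        Write-Warning "$srv did not resolve via ${dns}: $($_.Exception.Message)"
    }
}
```

    A row marked NOT the DC, such as an IPv6 resolver handed out by the router, is a server the client may query instead of the domain's DNS.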
  • Thanks a lot, disabling IPv6 fixed my problem.
    Monday, April 24, 2017 6:06 AM
  • Good to hear, you're welcome.

    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Monday, April 24, 2017 1:32 PM