Internet's Taking a Vacation Day?

    Question

  • So I've had Server 2012 on my machine for years; I got it back when Microsoft Imagine was Dreamspark. Well, I had downloaded R2 from them and finally got around to doing an in-place upgrade, because I'm too poor to upgrade my server every time I upgrade Windows.

    After doing so, everything seemed to work fine, except my internet... I have two NICs. One is labeled LAN and is configured as 192.168.16.2

    The second NIC is labeled WAN and is the internet connection. It's a static IP on a fiber connection so there's no modem or anything, it just plugs into an ethernet wall port, and all the configuration is done on the PC.

    So in the WAN adapter, I've configured the static IP details, and instead of using the ISP DNS servers I put in 8.8.8.8 and 8.8.4.4

    Over on the LAN adapter, I put in 192.168.16.2 as the IP, 255.255.255.0 as the subnet, and 192.168.16.2 as the DNS, expecting that anyone on the network connecting will be using that as the DNS server and will utilize the DNS server I have installed. This has worked for years, from Server 2003 through 2012.

    So without changing anything, I noticed my DNS server was getting errors 4000, 4007, and 4015. But everything seemed fine through the rest of the log, but I went ahead with the only resolution I could find in 2 hours, which was to run the netdom resetpwd command to reset the domain admin password I used. This didn't fix the issue.

    So I kept looking, thinking that this was probably a routing and remote access issue, so I ran that and set it up as a NAT... again, and again, and again, and again, as if something would magically change after the first time, but it never did... So I tried other variations of it and it never worked. I removed DNS and reinstalled it, which ended up bringing back everything I had previously, because I don't know how to delete it.

    Nothing has worked. I have no internet on the server, no internet on the other machines. However, other devices on the network are connecting and getting an IP address via DHCP, so I know the LAN is working, but it's as though the server is refusing to route internet traffic to and from the WAN adapter? I even reinstalled the drivers for it, and I can't get it to work!

    I also tried configuring NPS and NAP, those didn't work, so I removed them...

    How can I get this to work?

    Saturday, July 14, 2018 6:09 AM

Answers

  • So it would seem to me that RRAS OOB on Server 2012r2 and 2016 is broken. After the updates and the reboots and I was fully caught up on updates, I plugged the LAN back in and voilà! Everything is working beautifully!
    • Marked as answer by dampx Sunday, July 15, 2018 4:13 PM
    Sunday, July 15, 2018 2:29 AM

All replies

  • Please post the text output from ipconfig /all so we have an idea about your network configuration.

    tim

    Saturday, July 14, 2018 11:34 AM
  • Multi-homing a domain controller will always cause you no end of grief. I'd get rid of the "Wan" adapter. Internet queries will automatically be resolved by the 13 default root hint servers in a top level down fashion. You can optionally add the Google or ISP public DNS addresses as forwarders.

    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.



    Saturday, July 14, 2018 4:34 PM
  • Please post the text output from ipconfig /all so we have an idea about your network configuration.

    tim

    Hello Tim, please check below my response to Dave for the output of ipconfig /all

    Hello Dave,

    I agree with what you say on the grief. It's always hell getting this to work on a new install. I've had SBS03, Server 2008, 2012, and now 12R2, and each time I've had a lot of issues getting it to work. I had to swap back and forth from 2008 to 2012 again and again just to keep trying new things on 2012 to get it to work, but I have services I run for myself and my family, like an email server. There's a lot of important things going on there that I need and I'm currently not connected to be able to receive mail on my server. For me, getting rid of the WAN adapter is not optional, that adapter IS my internet connection, and it's how I share my internet across everything around the whole house.

    So my LAN is set up with the local server IP (not 127) as the DNS server, and my WAN adapter is set up to use Google's 8.8.8.8 and 8.8.4.4 for DNS. What you pictured in your screenshot on the forwarders tab is exactly what I have, except I only have Google's IPs in there. My root hints also show the 13 servers, just as yours does. I feel this is configured correctly and still not working.

    Here's my output with my domain names removed for privacy:

    C:\>ipconfig /all

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : DServer
       Primary Dns Suffix  . . . . . . . : mydomain.com.local
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : Yes
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : mydomain.com.local
                                           mydomain.com

    Ethernet adapter LAN:

       Connection-specific DNS Suffix  . : mydomain.com
       Description . . . . . . . . . . . : Intel(R) Gigabit CT Desktop Adapter
       Physical Address. . . . . . . . . : 68-05-CA-17-4E-D7
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv4 Address. . . . . . . . . . . : 192.168.16.2(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Default Gateway . . . . . . . . . :
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Ethernet adapter WAN:

       Connection-specific DNS Suffix  . : mydomain.com.local
       Description . . . . . . . . . . . : Realtek PCI GBE Family Controller
       Physical Address. . . . . . . . . : 00-18-F8-08-EF-82
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv4 Address. . . . . . . . . . . : 199.193.x.x(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Default Gateway . . . . . . . . . : 199.193.x.1
       DNS Servers . . . . . . . . . . . : 8.8.8.8
                                           8.8.4.4
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter isatap.mydomain.com:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : mydomain.com
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.mydomain.com.local:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : mydomain.com.local
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter 6TO4 Adapter:

       Connection-specific DNS Suffix  . : mydomain.com.local
       Description . . . . . . . . . . . : Microsoft 6to4 Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2002:c7c1:e882::c7c1:e882(Preferred)
       Default Gateway . . . . . . . . . :
       DHCPv6 IAID . . . . . . . . . . . : 318767104
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-4E-B2-08-68-05-CA-17-4E-D7

       DNS Servers . . . . . . . . . . . : 8.8.8.8
                                           8.8.4.4
       NetBIOS over Tcpip. . . . . . . . : Disabled

    Saturday, July 14, 2018 7:17 PM
  •  For me, getting rid of the WAN adapter is not optional, that adapter IS my internet connection, and its how i share my internet across everything around the whole house.

    The much simpler solution is to use a personal NAT-type internet router that accepts the ISP connection on WAN port, then all domain clients including the domain controller plug into LAN ports. For everything SBS I'd ask for help in dedicated forums over here.

    https://social.technet.microsoft.com/Forums/windowsserver/en-US/home?forum=winserveressentials

    Regards, Dave Patrick ....

    Saturday, July 14, 2018 7:28 PM
  •  For me, getting rid of the WAN adapter is not optional, that adapter IS my internet connection, and its how i share my internet across everything around the whole house.

    The much simpler solution is to use a personal NAT-type internet router that accepts the ISP connection on WAN port, then all domain clients including the domain controller plug into LAN ports. For everything SBS I'd ask for help in dedicated forums over here.

    Hello Dave,

    I've tried that before and had issues with transfer speeds on the network, splitting them resolved those issues.

    I'm not using SBS anymore, I'm using Server 2012 R2 only.

    Saturday, July 14, 2018 7:52 PM
  • I should also mention that even if I disable the LAN adapter and only have the WAN adapter going, it still doesn't work.

    Regardless of the setup, if I go into my adapters, and into the IPv4 properties, check the box at the bottom that says "Validate settings upon exit" and exit, it brings up the Windows Network Diagnostics screen. Here it runs for a bit and then says: "The DNS server isn't responding". This happens whether the LAN is enabled or disabled, and it happens whether or not I have my ISP's DNS servers in there, or Google's.

    The WAN status shows my IPv4 connectivity as "Internet", so I'm thinking it's probably finding the internet, it just won't use it for some reason? Like something broke during the upgrade.
    • Edited by dampx Saturday, July 14, 2018 7:56 PM
    Saturday, July 14, 2018 7:55 PM
  • had issues with transfer speeds on the network, splitting them resolved those issues.

    Not sure what is meant about splitting, since it appears you're trying to route through Windows. If you're maxing out the capability of the network adapter then you may be able to team them. Windows routing requires the RRAS role. Trying to route through Windows is not an ideal solution, especially for a domain controller.

    Regards, Dave Patrick ....

    Saturday, July 14, 2018 8:02 PM
  • I should also mention that even if I disable the LAN adapter and only have the WAN adapter going, it still doesn't work.

    1. A domain controller should not be multi-homed
    2. Domain controller and clients must have the static address of DC listed for DNS and no others such as router or public DNS

    Regards, Dave Patrick ....

    Saturday, July 14, 2018 8:06 PM
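
Added example, not part of any post in this thread: a Python sketch that applies the two rules in the reply above to pasted `ipconfig /all` text. The sample is constructed to mirror the LAN/WAN adapters in the output posted earlier, and treating only the machine's own IPv4 addresses as acceptable DNS entries is an assumption of this example.

```python
import re

# Constructed sample, shaped like the LAN/WAN adapters in the output posted above.
SAMPLE = """\
Ethernet adapter LAN:
   IPv4 Address. . . . . . . . . . . : 192.168.16.2(Preferred)

Ethernet adapter WAN:
   IPv4 Address. . . . . . . . . . . : 199.193.x.x(Preferred)
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""

HEADER = re.compile(r"^\s*(?:\S+ )+adapter (.+):\s*$")
FIELD = re.compile(r"^\s*([A-Za-z0-9][^:]*?)(?:\s*\.)+\s*:\s*(.*)$")
KEYS = {"IPv4 Address": "ipv4", "DNS Servers": "dns"}

def parse_adapters(text):
    """Map adapter name -> {"ipv4": [...], "dns": [...]} from ipconfig /all text."""
    adapters, cur, key = {}, None, None
    for line in text.splitlines():
        if not line.strip():
            continue
        header = HEADER.match(line)
        if header:
            cur, key = adapters.setdefault(header.group(1), {"ipv4": [], "dns": []}), None
            continue
        field = FIELD.match(line)
        if field:
            key, value = KEYS.get(field.group(1)), field.group(2)
        else:
            value = line.strip()  # continuation line, e.g. a second DNS server
        if cur is not None and key and value:
            cur[key].append(value.split("(")[0])  # drop "(Preferred)"
    return adapters

def review_dc(text):
    """Return findings for the two rules: one IPv4 adapter, DNS pointing only at itself."""
    adapters = {n: a for n, a in parse_adapters(text).items() if a["ipv4"]}
    own = {ip for a in adapters.values() for ip in a["ipv4"]}
    findings = []
    if len(adapters) > 1:
        findings.append("multi-homed: " + ", ".join(sorted(adapters)))
    for name, a in sorted(adapters.items()):
        foreign = [d for d in a["dns"] if d not in own]
        if foreign:
            findings.append(f"{name}: DNS servers other than this host: {foreign}")
    return findings
```

Running `review_dc` on the output of `ipconfig /all` saved from the domain controller lists each rule it breaks; an empty list means both rules hold.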
  • I gave it a quick shot your way and I couldn't get it going that way either, so I went back to Microsoft Imagine and downloaded Server 2016... I'm convinced something screwed up during the 2012 R2 upgrade that was preventing it from working. I had it working just fine in 2003 SBS, 2008, and 2012. I can't see 2012 R2 being so different that upgrading to it from 2012 would cause it to not work, unless there was an issue.

    Hopefully, whatever the problem is, upgrading to 2016 fixes it.

    Saturday, July 14, 2018 9:41 PM
  • In-place upgrades are never recommended because of the risk involved and the possibility of corruption carry forward. The better method:

    I'd use dcdiag / repadmin tools to verify health, correcting all errors found before starting. Then I'd stand up the new guest, patch it fully, license it, join existing domain, add Active Directory Domain Services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer PDC emulator role (optional), use dcdiag / repadmin tools to verify health, when all is good you can decommission / demote old one.

    Regards, Dave Patrick ....

    Saturday, July 14, 2018 9:44 PM
  • In-place upgrades are never recommended because of the risk involved and the possibility of corruption carry forward. The better method:

    I'd use dcdiag / repadmin tools to verify health, correcting all errors found before starting. Then I'd stand up the new guest, patch it fully, license it, join existing domain, add Active Directory Domain Services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer PDC emulator role (optional), use dcdiag / repadmin tools to verify health, when all is good you can decommission / demote old one.

    Regards, Dave Patrick ....

    But that's exactly what I cannot do. I am an individual, not a company. I don't have enough money to buy a second server, so I don't have a choice but to do this on the one and only server I have, which is now about 5 years old, and needs to be upgraded soon.

    I've upgraded to 2016 and I have the same issue.

    Saturday, July 14, 2018 11:16 PM
  • I've upgraded to 2016 and I have the same issue.

    You can run:
    Dcdiag /v /c /d /e /s:DCName >c:\dcdiag.log
    (please replace DCName with your domain controller's NetBIOS name)
    ipconfig /all > C:\dc1.txt
    ipconfig /all > C:\client.txt
    then put all files up on OneDrive and share a link.

    Regards, Dave Patrick ....

    Saturday, July 14, 2018 11:27 PM
  • Ok so a fair turn of events... I unplugged the LAN and everything started working again, as it's supposed to. Except for the LAN of course, it's unplugged. This didn't work when I was on 12r2.

    So for now, I'm doing all of the updates, and I'll try again once all updates are done. If I can't get it to work, then Dave, I might hit you up with some questions on setting it up through my router's internet port and team my two adapters, possibly the built in one on the motherboard too.

    Saturday, July 14, 2018 11:30 PM
  • So it would seem to me that RRAS OOB on Server 2012r2 and 2016 is broken. After the updates and the reboots and I was fully caught up on updates, I plugged the LAN back in and voilà! Everything is working beautifully!
    • Marked as answer by dampx Sunday, July 15, 2018 4:13 PM
    Sunday, July 15, 2018 2:29 AM