A friend of mine enlisted my help to upgrade his network from a workgroup to a domain, so I did. I'll give you the technical setup and explain the issue at the bottom.

1 Sonicwall tz100 with static IP and cable connection (runs DHCP and DNS; the server's IP is listed as a DNS source among those provided by the ISP. I did this so the internal PCs can resolve computer names {is that correct?})
1 Cisco Small Business 48 port Switch
15 workstations
1 server with 08 Standard installed (file server only)
All PCs have DHCP enabled

My buddy didn't want DHCP or DNS running on the server once it was upgraded to a domain, but as you may already know, DNS is a required role, so I installed it. The setup was simple and it worked fine up until now (90 days). I gave the firewall the role of DHCP and DNS; the server also has the DNS role too. Since when setting up the firewall you can give a DNS address, I entered the server's IP. Since the server runs DNS also, I gave it (forwarders) the external DNS IPs.

I did that so that PCs in the internal network could communicate on a computer name level without just using IP addresses. Anyway, the whole thing worked like a charm and I realize that this setup is unusual, I know. But under the circumstances, I didn't know how else to set it up (besides putting both DHCP and DNS on the DC).

THE ISSUE:
For the past two days, when everyone came into work, (all Win7 PCs) they display unidentified network with no internet or network access (most of them; some actually worked fine, all set up with DHCP). We did some troubleshooting over the phone, restarted the switch, then the firewall (not the server). Once we rebooted the firewall, everything worked. My question is, is there some other way I should have set this up, or is there some sort of loopback issue that's causing this issue after such a long time? Or could it just be a bad firewall (9 months old)?

Thanks in advance!

All 2 Replies

Hard to say without more details, but you definitely have an unnecessary flow of DNS on that network. Rather than having your clients point to the firewall for DNS, then forward them to the server, then forward out, just configure the DHCP scope and set the DNS clients to point directly to the server running DNS. This will remove one level out of this DNS flow and improve the speed of name resolution.

You run DHCP and DNS on the Cisco switch. If the firewall goes down or any problem occurs, the entire LAN will be affected, as the machines won't get an IP address.
Your internal LAN works well if the DHCP and DNS work on the Cisco switch.
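
An added example, not part of the original thread: a PowerShell check to run on a workstation after changing the DHCP scope as the first reply suggests, confirming that the client holds a real DHCP lease and queries the domain's DNS server directly. The address 192.0.2.10 is a placeholder assumption for the server's IP; the WMI class used is available on the Windows 7 clients described.

```powershell
# Assumption: 192.0.2.10 is a placeholder for the DNS server (domain controller) IP.
# Replace it with the address handed out in the DHCP scope's DNS option.
$ExpectedDns = @('192.0.2.10')

Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "IPEnabled=True" |
ForEach-Object {
    # Keep only IPv4 addresses; filter out $null so empty values give empty arrays.
    $ipv4 = @($_.IPAddress | Where-Object { $_ -match '^\d+\.\d+\.\d+\.\d+$' })
    $dns  = @($_.DNSServerSearchOrder | Where-Object { $_ })
    $issues = @()

    # A DHCP client that could not reach a DHCP server self-assigns 169.254.x.x.
    if ($_.DHCPEnabled -and ($ipv4 | Where-Object { $_ -like '169.254.*' })) {
        $issues += 'APIPA address: no DHCP lease obtained'
    }

    # Domain members should resolve names through the domain's DNS server only.
    $unexpected = @($dns | Where-Object { $ExpectedDns -notcontains $_ })
    if ($dns.Count -eq 0) {
        $issues += 'no DNS servers configured'
    } elseif ($unexpected.Count -gt 0) {
        $issues += 'DNS servers outside expected set: ' + ($unexpected -join ', ')
    }

    if ($issues.Count -eq 0) { $status = 'OK' } else { $status = $issues -join '; ' }

    New-Object PSObject -Property @{
        Adapter    = $_.Description
        IPv4       = $ipv4 -join ', '
        DhcpServer = $_.DHCPServer
        DnsServers = $dns -join ', '
        Status     = $status
    }
} | Select-Object Adapter, IPv4, DhcpServer, DnsServers, Status | Format-List
```

Any adapter that still lists the firewall or an ISP resolver under DnsServers has not renewed its lease since the scope change.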
