constant internet and exchange server inacessibility

21 Dec 2005 4:50 PM

hipnautic

My company's computers keep losing internet connection each day,
although all users are still able to log onto the domain. Our mail
exchange server also is inacessible, the error message states that the
exchange server is unavailable. So far, the only solution has been to
renew each machine's dhcp license either by a release+renew or to
restart each machine to get the connection to both our internet and
internal servers (exchange, file, etc) to function again. We are
running a sonicwall firewall device. Does anyone have any
suggestions? Thanks in advance.

21 Dec 2005 5:23 PM

Ian

Thoughts here are that something is preventing access to the DHCP server.
This would make sense as the default leases are often 24hrs.

Exactly what and were depends on the setup. Is DHCP provided by a router
box, the sonicwall, or by the fileserver?

Basically, for DHCP to work, the clients must be able to access ports 67 and
68 on the DHCP server. These ports must be accessible from the LAN subnet,
and also from the address 0.0.0.0 - which is what the clients will advertise
themselves as until they have obtained an IP.

Not used sonicwall kit, maybe someone who has can give more specific advice
on that aspect.

21 Dec 2005 6:34 PM

hipnautic

Thanks for the quick reply. DHCP is not provided by the sonicwall
firewall device, so I am thinking that that dhcp is assigned by the
cisco router hooked up to it or the domain controller (is that
possible?) Do you now why our users can log on to our domain and have
a valid ip address assigned but still not be able to connect to the
internet nor to our exchange server the next day. You are right about
DHCP being the problem as internet connectivity seems to stop after 24
hours until a renewel is issued. Any suggestions? Thanks.

21 Dec 2005 10:56 PM

Ian

It's possible you have two conflicting DHCP servers operating. It would fit
the symptoms if the fileserver is handing-out a default gateway and DNS to
suit its own purposes, because that would prevent machines from using the
Cisco as a gateway. Hence no Internet.

Suggest checking for a DHCP service running on the server, and the Cisco's
settings. If all else fails a portscan of the network for open ports 67/68
might reveal which machines are advertising themselves as DHCP servers. It
doesn't matter which you use, or you can have two so long as they don't
conflict. (To make two coexist they need to be in the same subnet, but
should each hand-out IPs from a separate range within that subnet)

The DHCP server should assign the Cisco as the default gateway, and should
add DNS entries for Internet, and for Active Directory.

22 Dec 2005 5:01 PM

hipnautic

Good info Ian. During a port scan, if a port 67's state is indicated
as being filtered, does that mean is an active port and hence the
machine in question is the dhcp server? Thanks.

22 Dec 2005 8:44 PM

hipnautic

Ok, I believe that the internet connection problem may be that I also
had a wireless linksys router attached to the network that had dhcp
enabled. However, there is an existing dhcp server is on my file
server and I believe that there was a conflict between the two, when it
was time for a renewel. So I have disabled dhcp on the router. Is
this a viable solution? Thanks.

22 Dec 2005 10:38 PM

Ian

You can use either, though if you use the Cisco then it becomes an essential
piece of equipment, nothing can work for more than a day without it.
Therefore perhaps better to use the server.

If on the server, you will need to set the DHCP server to make the Cisco the
default gateway. You might also need to add suitable DNS entries - the
fileserver and the Cisco could most likely be set as DNS servers, or set it
to give the fileserver and one fo your ISP's DNS hosts. It's because these
settings were absent that machines couldn't contact the 'net before.