DNS / Internet Help
This thread is related to
Still not managed to solve it and still think its a problem with DNS.
At machine level DNS is set to the DC. The gateway is set to the ContentCache(ISA) box. The proxy is also set to that.
On the server, the network card DNS is set to itself and the router. The forward lookup settings in DNS are set to 188.8.131.52 and 184.108.40.206 which are Redstone's DNS (or so they say). When you tracert to them you get trace complete but the last hop says Destination Net Unreachable. The router DNS and ContentCache DNS are set to the above ip's. On the router DDNS is disabled but it has the options of dyndns.org and t2o.com
Any help on this would be appreciated.
Have you tried bypassing all that ContentCache stuff?
Is Contentcache just a fancy ISA box?
Haven't been able to read all the postings, but as much as I can, but I would bypass everything that I can, then build from that as your settings specified don't seem a problem.
EXCEPT: I wouldn't have the proxy/contentcace as my default gateway as any traffic that the network/routers/pc's etc can't route/resolve will go to the default gateway hence why you may be getting timed-out? May be getting flooded with unecessary requests.
Just a thought
Yeah the contentcache is more of a cut-down version of isa - don't ask, it was already in place when i got the job !!
Sorry - its not the contentcache that is the default gateway, its the router.
Think i will try by-passing everything.
Think (i hope) i've tracked it down to the contentcache. If i use the proxy at our isp it works fine with no delay.
Looks like its that stupid thing !
Well I didn't like to say ;o)
At least you know!
Yeah definitely the cache so will try and get that sorted.
Related problem though - on some new HP machines, whoever you log on as the homepage is myAOL | HP for Small Business
When i change it as administrator is is still HP for all other users. I have set it in GP and regedit to the correct one but still does it.
Don't think this is relevant but you don't need (and shouldn't have) the router's DNS on the network card - only in the forwarding.
Originally Posted by karldenton
As I understand it, what you're doing on the card is saying "who should I ask that can answer *all* my DNS queries" - the DC can answer (and if it doesn't know then it will forward to the router which then forwards to the external DNS). If for some reason the DC tries to query the router for info about the internal network then it won't get answers and this can lead to weird problems!
Good point srochford!
Maybe a stupid question re your homepage, but are you forcing the update? ie gpudate etc? IS it a specific OU that is not updating or are others within the same OU and GPO working ok?
Did gpupdate /force but the same outcome.
Yeah, the rest of the machines in the OU are working fine. These are some new ones that someone else installed. In group policy though, there is no home page set on any policy so i'm not sure where its getting it from. I added it in, did a /force but no difference.
Are any other policy settings working within that OU? I'd try adding some kind of policy to the OU and see that it is being taken.
This has already been said or thought I'm sure.
Your DC's DNS should be pointed to itself and nothing else.
Inside the DC DNS server - all local traffic should be handled by AD and DNS, external traffic should be set to forwarders.
In your case, you should use your router as your forwarder.
Using the cache thingy may end up causing unnecessary requests as the cache thingy will only query your upstream router anyway, so you'd be better off keeping the cache thingy for it's job (caching) rather than DNS forwarding also.
So your client PCs should talk to the DC first - if it's internet, the DNS request (but not HTTP/HTTPS requests) should go to your external router (and not go via the cache thingy). Then your PCs simply use the cache thingy directly and any DNS requests it needs get handled by it directly.
As for your homepage woes - I've had this before. Sometimes homepages would set, sometimes not. Set the GPO that sets your homepage and IE proxy information as Enforced - meaning no other GPOs can override it or disable it or mess with it.
It may be worth logging the same user on 2 machines and checking to see what's different aside from the homepage... this assumes that the PCs with the issue are in the same OU as others and aren't hugely different in terms of software, Domain or Local GPOs.
Thanks for the advice on the cache etc.
Getting stressed with the home page thing now though. Set the GPO as enforced but like i said, it wasn't set in there at all, and neither is the proxy settings ??? The link on the desktops even point to the right home page but its as though something from HP is taking over !!!
Seems the home page problem is to do with the machines coming with AOL toolbar on. Although i removed that, did ccleaner and regcure it still redirects. ARGH !!
We've had this - no local policies set - yet internet explorer still pulled up our old old old old proxy.
Have a look inside the registry of a dodgy PC.
Look at the entry called 'Start Page'.
This is the homepage used.
Check these remotely when a user is logged in (when the PC displays the right homepage) and then do this again when the PC displays the wrong homepage.
I suspect you will find that ONE of those values will be reset to the HP page, in which case you may need to force-set the homepage somewhere on both the PC itself and the user just to be certain.