I have a Windows Small Business Server 2011 that runs DNS (because it has to) and serves DNS for the company workstations. We are recently cutting over from a bonded T-1 to fiber. I have a firewall/router set up (correctly) that allows for both WAN connections.
If I disable the old WAN port (wan2) the server suddenly can't resolve DNS anymore. I can't ping web IP addresses like 8.8.8.8 either (get a reply from the firewall saying destination cannot be reached. I can ping just fine from the firewall). As a result,
none of the workstations can browse the internet. If I hard code DNS servers on a workstation, it works fine. Likewise, all the other servers work fine. All internal DNS works fine (server can see the workstations and ping them by their name, workstations
can see the server, other servers can see the server, etc.) There are no errors in the DNS event viewer.
I tried clearing the cache in the DNS MMC.
I tried flushing dns.
I tried restarting the DNS server & DNS client services on the server.
I even rebooting the server.
I tried "fix my network" and with wan2 disabled it can't even see the firewall/router, and with wan2 enabled it doesn't find detect any problem.
The server had DNS forwarders (to Google) and I tried switching it to the ISP's DNS servers.
I tried removing and reinstalling the forwards, no change.
I tried factory resetting the firewall and only setting it up with the new ISP, no change.
Now, if I re-enable wan2, the server can immediately communicate with the internet again.
We actually had this problem before with a different ISP and thought it was the ISP and cancelled the service. It seems like the server only works on the old ISP even though it shouldn't make a difference. The router IP address and everything else is still
the same.
On a side note, we had some major issues with DNS about a year ago and after a $500 call to Microsoft, they reconfigured everything and set it up...presumably correct...and all the issues were resolved. This issue is just so puzzling since there is zero reason
why it shouldn't work. If I didn't know better (and I don't really) I would say it is hard coded to only work with our old public IP address or something, but I can't find anything that would suggest that is the case and to the best of my knowledge it shouldn't
be.
I'm beating my head against a wall with this one, so any help will be GREATLY appreciated.
↧
Windows SBS 2011, DNS stop working with ISP change.
↧