I think but have not checked or tested this but adding another NIC and having it assigned one IP address and then not having that NIC report to DNS might work. Once I have a stable working system with the IP's not getting messed up in DNS I will work on putting the firewall back up and report back again. I did send in the bug report on this issue.
Jon On Thu, Jul 31, 2008 at 2:10 PM, Jon Harris <[EMAIL PROTECTED]> wrote: > John, if you are using multiple IP's assigned to one NIC on a virtual > machine and the virtual machine is 2008 expect problems with 2003 DNS. I > have several web sites and multilple FTP as well as one SMTP server on one > virtual 2008 server and if I have the register with the DNS is checked ALL > of the IP's check in as the same machine, as well as their > web/ftp/smtp/printer. Messes up remote access as well. I think that might > have been the issue yesterday with the "firewall" blocking the FTP sites. I > am still trouble shooting this but I do know that if you change it back to > register in DNS it wipes the static entry and resets everything wrong again. > > Jon > > On Wed, Jul 30, 2008 at 3:57 PM, John Hornbuckle < > [EMAIL PROTECTED]> wrote: > >> Will do. I've also posted on a couple of TechNet forums. So far everyone >> is stumped, but I have to make this work, so I'll keep plugging away. >> >> >> >> I'm doing the same as you, decommissioning several end-of-life 2003 >> servers. I only have one 2008 server, though, and am running Hyper-V to have >> multiple VMs taking on the roles of the old servers. Consolidating is a >> pain, but will be worth it in the end. I've moved several functions off of >> older 2003 servers, but I still haven't been able to shut one down >> completely yet because there are still a few lingering tasks. >> >> >> >> >> >> >> >> >> >> *From:* Jon Harris [mailto:[EMAIL PROTECTED] >> *Sent:* Wednesday, July 30, 2008 3:54 PM >> >> *To:* NT System Admin Issues >> *Subject:* Re: Server 2008 DNS / Firewall Problem >> >> >> >> At the moment then I am out of ideas. I am having fun moving and >> decommissioning a 2003 web/ftp/print server and bringing up a replacement >> 2008 one in it's place. Trouble shooting has to wait until I have enough >> done to justify the time since not of these "problems" affect anyone but >> "me" at the moment. I only have 2 more stubborn printers to get installed >> on the server and then go and touch all the clients and make sure they are >> getting the new printers. XP machines seem to be having the most issues >> with the new print server. Web and ftp are done and golden. If you find >> something before I do please post back to the list. >> >> >> >> Jon >> >> On Wed, Jul 30, 2008 at 3:43 PM, John Hornbuckle < >> [EMAIL PROTECTED]> wrote: >> >> Yeah, I forgot to mention that I had tried that. I shut down the firewall >> service completely, but these errors continued to be logged. Also, I have >> IPv6 disabled on the server. >> >> >> >> Crazy. >> >> >> >> >> >> >> >> >> >> *From:* Jon Harris [mailto:[EMAIL PROTECTED] >> *Sent:* Wednesday, July 30, 2008 3:42 PM >> *To:* NT System Admin Issues >> *Subject:* Re: Server 2008 DNS / Firewall Problem >> >> >> >> John try shutting down the firewall and see if they go away. If so then >> you may have the same issue I had this morning with IIS v7. It appears that >> there is something in the internal firewall that does not like certain >> features, and no I have not had time to trouble shoot this yet. It might >> also be that you have the machine using IP v6 and IP v4. I had to shutdown >> IP v6 on my DNS/DS because I did not have a fixed IP v6 address for the >> machine. Another trouble shooting thing for me to do. >> >> >> >> Jon >> >> On Wed, Jul 30, 2008 at 3:33 PM, John Hornbuckle < >> [EMAIL PROTECTED]> wrote: >> >> I have a separate DNS server here for external queries. That server >> isn't AD-integrated, and only contains a handful of records for hosts >> that need to be reached from the outside world. This task has been >> handled by a Server 2003 server. >> >> I've shut down DNS on that server and moved its IP address to a new >> Server 2008 server. But for some reason, the Server 2008 machine is >> blocking all DNS queries from any other machine (on our network or off). >> Windows Firewall is configured to allow inbound and outbound TCP/UDP >> traffic on port 53, so that doesn't seem to be the issue. But I get a >> ton of these in the Security Log: >> >> ===== >> The Windows Filtering Platform has blocked a connection. >> >> Application Information: >> Process ID: 1404 >> Application Name: \device\harddiskvolume1\windows\system32\dns.exe >> >> Network Information: >> Direction: Inbound >> Source Address: 150.176.37.178 >> Source Port: 53 >> Destination Address: 150.176.37.163 >> Destination Port: 58058 >> Protocol: 17 >> >> Filter Information: >> Filter Run-Time ID: 0 >> Layer Name: Receive/Accept >> Layer Run-Time ID: 44 >> ===== >> >> The 150.176.37.178 machine is the DNS server, and the 150.176.37.163 >> machine is I'm trying to do a query from using nslookup. But I've also >> got lots of entries like these from other hosts trying to query the >> server. >> >> I'm stumped as to why this traffic is being blocked. Any ideas? >> >> >> John Hornbuckle >> MIS Department >> Taylor County School District >> 318 North Clark Street >> Perry, FL 32347 >> >> www.taylor.k12.fl.us >> >> >> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ >> ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ >> >> >> >> >> >> >> >> > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
