John, if you are using multiple IP's assigned to one NIC on a virtual machine and the virtual machine is 2008 expect problems with 2003 DNS. I have several web sites and multilple FTP as well as one SMTP server on one virtual 2008 server and if I have the register with the DNS is checked ALL of the IP's check in as the same machine, as well as their web/ftp/smtp/printer. Messes up remote access as well. I think that might have been the issue yesterday with the "firewall" blocking the FTP sites. I am still trouble shooting this but I do know that if you change it back to register in DNS it wipes the static entry and resets everything wrong again.
Jon On Wed, Jul 30, 2008 at 3:57 PM, John Hornbuckle < [EMAIL PROTECTED]> wrote: > Will do. I've also posted on a couple of TechNet forums. So far everyone > is stumped, but I have to make this work, so I'll keep plugging away. > > > > I'm doing the same as you, decommissioning several end-of-life 2003 > servers. I only have one 2008 server, though, and am running Hyper-V to have > multiple VMs taking on the roles of the old servers. Consolidating is a > pain, but will be worth it in the end. I've moved several functions off of > older 2003 servers, but I still haven't been able to shut one down > completely yet because there are still a few lingering tasks. > > > > > > > > > > *From:* Jon Harris [mailto:[EMAIL PROTECTED] > *Sent:* Wednesday, July 30, 2008 3:54 PM > > *To:* NT System Admin Issues > *Subject:* Re: Server 2008 DNS / Firewall Problem > > > > At the moment then I am out of ideas. I am having fun moving and > decommissioning a 2003 web/ftp/print server and bringing up a replacement > 2008 one in it's place. Trouble shooting has to wait until I have enough > done to justify the time since not of these "problems" affect anyone but > "me" at the moment. I only have 2 more stubborn printers to get installed > on the server and then go and touch all the clients and make sure they are > getting the new printers. XP machines seem to be having the most issues > with the new print server. Web and ftp are done and golden. If you find > something before I do please post back to the list. > > > > Jon > > On Wed, Jul 30, 2008 at 3:43 PM, John Hornbuckle < > [EMAIL PROTECTED]> wrote: > > Yeah, I forgot to mention that I had tried that. I shut down the firewall > service completely, but these errors continued to be logged. Also, I have > IPv6 disabled on the server. > > > > Crazy. > > > > > > > > > > *From:* Jon Harris [mailto:[EMAIL PROTECTED] > *Sent:* Wednesday, July 30, 2008 3:42 PM > *To:* NT System Admin Issues > *Subject:* Re: Server 2008 DNS / Firewall Problem > > > > John try shutting down the firewall and see if they go away. If so then > you may have the same issue I had this morning with IIS v7. It appears that > there is something in the internal firewall that does not like certain > features, and no I have not had time to trouble shoot this yet. It might > also be that you have the machine using IP v6 and IP v4. I had to shutdown > IP v6 on my DNS/DS because I did not have a fixed IP v6 address for the > machine. Another trouble shooting thing for me to do. > > > > Jon > > On Wed, Jul 30, 2008 at 3:33 PM, John Hornbuckle < > [EMAIL PROTECTED]> wrote: > > I have a separate DNS server here for external queries. That server > isn't AD-integrated, and only contains a handful of records for hosts > that need to be reached from the outside world. This task has been > handled by a Server 2003 server. > > I've shut down DNS on that server and moved its IP address to a new > Server 2008 server. But for some reason, the Server 2008 machine is > blocking all DNS queries from any other machine (on our network or off). > Windows Firewall is configured to allow inbound and outbound TCP/UDP > traffic on port 53, so that doesn't seem to be the issue. But I get a > ton of these in the Security Log: > > ===== > The Windows Filtering Platform has blocked a connection. > > Application Information: > Process ID: 1404 > Application Name: \device\harddiskvolume1\windows\system32\dns.exe > > Network Information: > Direction: Inbound > Source Address: 150.176.37.178 > Source Port: 53 > Destination Address: 150.176.37.163 > Destination Port: 58058 > Protocol: 17 > > Filter Information: > Filter Run-Time ID: 0 > Layer Name: Receive/Accept > Layer Run-Time ID: 44 > ===== > > The 150.176.37.178 machine is the DNS server, and the 150.176.37.163 > machine is I'm trying to do a query from using nslookup. But I've also > got lots of entries like these from other hosts trying to query the > server. > > I'm stumped as to why this traffic is being blocked. Any ideas? > > > John Hornbuckle > MIS Department > Taylor County School District > 318 North Clark Street > Perry, FL 32347 > > www.taylor.k12.fl.us > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > > > > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
