Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

DNS/Firewall Issues

  • Filter
  • Time
  • Show
Clear All
new posts

  • DNS/Firewall Issues


    Please excuse the following detail but I thought that it might pre-empt any further questions about my setup.

    I run a very small network (3 clients) with a server running SBS 2008/Exchange 2007/DNS/DHCP/Firewall (

    The server and all clients are wired to a switch, which itself is wired to a Netgear DGN1000 router( This router is wired ( to an ISP supplied router, (

    A fixed IP address is picked up by the ISP router. DHCP is turned off on both routers, as is UPnP.

    Ports 25,80, 443,987 and 1723 are permanently set on the ISP supplied router and the Netgear router to forward to the Netgear router and my server respectively. I have enabled traffic through port 25 at my ISP.

    I will not go through the full reasons why I am in this position but I have to re-configure my DNS and Firewall. I tried to use the SBS wizards but I have the following problems:

    Internet Connection Wizard: Detects router address as and server address as correctly. However, stage 2 of the wizard fails with an error "Windows SBS 2008 Connect to the Internet Wizard has stopped working."

    Internet Domain Name Wizard: Remote Web Workplace stage completes okay but Exchange E-mail stage has an error (suggests running the Fix My Network Wizard) and Internet Router stage has a warning (only because UPnP is off I am sure).

    Fix My Network Wizard:1. Port warning for the router again (which I am ignoring).2. "DNS is using a DNS Forwarder" which, from research, can be ignored I think.3. "DNS Zone is missing" which is the main problem I think.

    I got to this stage a few days ago.

    I thought that my DNS server was messed up and tried to clean it up but I suspect that I deleted some essential entries and it was no longer functional. I must admit it is not one of my areas of technical excellence.

    After days of frustration, some bright spark (yes, me!) decided to remove and re-install the DNS role from the server, and try to manually re-insert the entries, but this has made things even more confusing for me.

    I have run the SBS BPA and I get a warning "The host (A) record for server cannot be retrieved from DNS server The Exchange BPA gives a the same warning.

    Based on the information above, is anyone able to suggest what are the minimum entries necessary in my DNS server.

    Another issue (which may not be connected but I will add it for completeness) is that the clients link to Exchange would only work when the server Firewall was off !.

    Many thanks.
    Last edited by AndyGFLees; 15th December 2012, 20:17. Reason: accuracy

  • #2
    Re: DNS/Firewall Issues

    Do you have a working SBS anywhere that you can compare yours to? Do you have the possibilty to do a fresh install of SBS into a virtual machine?
    Try these possibilities to see if you can recontruct your DNS, then try running the wizards again.

    Steven Teiger [SBS-MVP(2003-2009)]
    Iím honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

    We donít stop playing because we grow old, we grow old because we stop playing.


    • #3
      Re: DNS/Firewall Issues


      Thanks for the reply.

      Not really familiar with virtual machine but no, there are only 4 machines in the company, 3 PC's and the server.

      I am happy to re-install the DNS service again if that will help.

      And by the way, thanks for resisting to throw in anything to do with Backup or Restore - long story from which lessons have been learned on the Finance Directors side.



      • #4
        Re: DNS/Firewall Issues


        It looks like I might be winning this re-configuration battle. I will update the forum so that others can find my solution at a later date but, in the meantime, the problem with the Outlook Exchange client not connecting to the Exchange Server was sorted by enabling netsession_win.exe through the server firewall.