Hello Will
[WN] Are you speaking of the Windows XP firewall?
No... I didn't explicitly state this is W2K3, but I posted this under "Windows 2003" group thinking everyone would assume that's what I was talking about! A Windows 2003 Server installation.
[WN] DHCP might even be utilizing ports 67 and 68 on some systems
Yes... as Jay mentioned... I opened these ports as well, no help
[WN] Is the DHCP service running on the clients?
Yes, that's where the problem is - clients not getting IPs from the server's DHCP unless I turn off the server's Firewall
[WN] Something may be wrong with DNS? DNS server names are handed out with DHCP leases to clients. If it is misconfigured on the DHCP server it could of course cause problems.
The clients aren't even getting the DHCP lease. As I understand it, clients broadcast for a DHCP server (if they have no address previously assigned). The DHCP server is supposed to respond with a "here I am" type of message; the client then asks for an address and the server allocates a lease, consisting of an IP address together with all other configured parameters like DNS server, default gateway etc.
If a client has previously been allocated an address, it merely asks if it can re-use that address. The server then replies yes or no, as the case may be, but the result is effectively the same. Either way, DNS can't affect the result until after the lease has been handed out?
[WN] Can you post IPCONFIG /ALL output from the DHCP server if Windows, and from the clients?
Sure... :-)
Server:-
----
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator.VARISPEED-SRV1>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : custname-srv1
Primary Dns Suffix . . . . . . . : custname.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : custname.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : custname.local
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-0B-CD-E7-C9-FD
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.250
DNS Servers . . . . . . . . . . . : 192.168.1.2
Primary WINS Server . . . . . . . : 192.168.1.2
----
I can't get to a user screen of any of the clients over a weekend, but their config comes up exactly as you'd expect from this DHCP config on the server (when it works!):-
----
[all parameters have a Vendor "Standard" and Class "None"]
Option Name Value
003 Router 192.168.1.250
006 DNS Servers 192.168.1.2
015 DNS Domain Name custname.local
044 WINS/NBNS Servers 192.168.1.2
046 WINS/NBT Node Type 0x8
----
[WN] This is from MS
http://www.microsoft.com/smallbusiness/support/articles/ref_net_ports_ms_prod.mspx Interesting, thanks - I did see this article but skipped it because it claims to be applicable to SBS, not Windows Server... I keep forgetting MS' article headers aren't "necessarily" accurate :-(
OK I am opening that "MADCAP" port as well as all the others, I'll be able to report back next week!
Thanks for the input.
[The whole point here is why did it work one day and require special firewall configuration the next? Has MS broken the firewall with a recent update? Or did someone mess about with another setting somewhere on the server that I haven't twigged yet...]
Chris
