ESX networking issues


Jason Smith

New Member
May 25, 2015
6
0
1
41
Hello all,

I have set up an ESXi 6.0 environment with an AD environment and am having a few issues. I can't ping any of the servers in the environment (from each other). The way I have it configured is that I am using my AD's IP as the DNS IP and my router's IP as my gateway. If I change the gateway to match my AD IP then I can ping the server.

How can I set up my network so that the machines resolve to each other? Do I need to have set up something on my router? Do I need something like pfSense?

Here is how my vswitch looks: Imgur
 

j_h_o

Active Member
Apr 21, 2015
644
180
43
California, US
DNS is for name resolution, and shouldn't interfere with pings. Can you ping servers by IP address 192.168.1.17, 19, 12, 13, etc.?

Can you clarify what you mean by "change the gateway to match my AD IP"? What are you changing it to, exactly? What's an example of a configuration that "works" (IP, subnet, gateway)? And what doesn't work?

You can verify DNS functionality on the DCs by using
"nslookup - 192.168.1.12" on one of the machines -- this will force DNS resolution via that DNS server. Type in domain names like "google.com" at the resultant prompt and you should see IPs being resolved. (You should also test resolution of your local AD domain, obviously.)

No, there's no indication you need to install pfSense at this point... but I'm not really sure what you're trying to do :)
 
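One way to run the split j_h_o describes (reachability by IP first, then name resolution against a specific DNS server, then an external name) across all of the lab VMs at once. This is an added example, not code from the thread. It assumes a Windows VM with the DnsClient module (Windows 8 / Server 2012 or later), uses the DC address 192.168.1.9 and the host addresses given in the thread, and the host names and AD domain name are placeholders to replace with your own.

```powershell
# Added example (not from the thread): separate "can't reach it" from "can't resolve it".
# Assumptions: run on one of the lab VMs; DnsClient module present (Windows 8 /
# Server 2012 or later). The DC/DNS address and VM addresses come from the thread;
# the host names and the AD domain are placeholders to replace with your own.
param(
    [string]$DnsServer    = '192.168.1.9',      # the DC that should answer for the AD zone
    [string]$AdDomain     = 'corp.example',     # placeholder for ad.domain.tld
    [string]$ExternalName = 'google.com',       # proves forwarding/root hints work
    [hashtable]$Hosts = @{                      # placeholder names -> addresses from the thread
        'ddc1' = '192.168.1.12'
        'ddc2' = '192.168.1.13'
    }
)

function Test-NameViaServer {
    # Ask ONE specific DNS server (bypassing the client cache and hosts file) and
    # return the A records it answers with; an empty array on any failure.
    param([string]$Name, [string]$Server)
    try {
        $r = Resolve-DnsName -Name $Name -Type A -Server $Server -DnsOnly -ErrorAction Stop
        return @($r | Where-Object { $_.Type -eq 'A' } | ForEach-Object { $_.IPAddress })
    } catch {
        Write-Verbose "$Name via $Server : $($_.Exception.Message)"
        return @()
    }
}

# 1. Layer 3 first: does ICMP reach each VM by address? A failure here is a vSwitch,
#    subnet mask, VLAN or guest-firewall problem and has nothing to do with DNS.
$report = foreach ($h in $Hosts.GetEnumerator()) {
    $ip   = $h.Value
    $ping = Test-Connection -ComputerName $ip -Count 1 -Quiet
    # 2. Resolution of the short name and of the FQDN, asked of the DC directly.
    $short = Test-NameViaServer -Name $h.Key -Server $DnsServer
    $fqdn  = Test-NameViaServer -Name "$($h.Key).$AdDomain" -Server $DnsServer
    [pscustomobject]@{
        Host          = $h.Key
        IP            = $ip
        PingByIP      = $ping
        ShortName     = if ($short) { $short -join ',' } else { 'NO ANSWER' }
        FQDN          = if ($fqdn)  { $fqdn  -join ',' } else { 'NO ANSWER' }
        RecordMatches = ($fqdn -contains $ip)   # stale A record if resolution works but differs
    }
}
$report | Format-Table -AutoSize

# 3. Does the DC resolve names it is not authoritative for? If this fails while the
#    AD zone works, the DC has no forwarders/root hints or cannot reach them.
$ext = Test-NameViaServer -Name $ExternalName -Server $DnsServer
"External lookup of $ExternalName via $DnsServer : " + $(if ($ext) { $ext -join ',' } else { 'FAILED' })

# 4. Is this VM actually pointed at the DC? A client whose DNS server is the router
#    never learns AD names even when the DC itself is healthy.
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    Select-Object InterfaceAlias, ServerAddresses
```

Read the table column by column: PingByIP false means the problem is below DNS (vSwitch port group, mask, VLAN or firewall); PingByIP true with NO ANSWER in both name columns means the DC's zone or the client's DNS setting is wrong; a working FQDN with a failed external lookup points at forwarders. Run it with `-Verbose` to see the exact error text the resolver returns for each failed name.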

Jason Smith

New Member
May 25, 2015
6
0
1
41
This is what I have configured on each of my servers:

A static IP
Gateway: 192.168.1.1 (my router)
DNS: 192.168.1.9 (my AD server)

My domain controller's IP is 192.168.1.9. Basically, from each of my VMs I can't ping the others (by IP, hostname, or FQDN). I realized I had a problem when I tried to join my 2nd DDC (Citrix Desktop Controller) to the site I created on DDC1.
 

Jason Smith

New Member
May 25, 2015
6
0
1
41

THANK YOU so much for reminding me about nslookup. I got a Non-existent domain message and needed to add a Reverse Lookup Zone. Why would this not get installed?
 

j_h_o

Active Member
Apr 21, 2015
644
180
43
California, US
I think you mean forward lookup zone. Your domain controller is configured as a DNS server when it's promoted, and a forward lookup zone is configured which does translation from your ad.domain.tld to IP addresses.

Active Directory domain controller promotion usually configures DNS. You probably have some other problem lurking in your config, assuming you followed the GUI/wizards to do the promotion.

I'd run dcdiag [/server:blah] on each/against each of your domain controllers and confirm that things are passing.
 

mrkrad

Well-Known Member
Oct 13, 2012
1,244
52
48
You want their AD server to resolve local domains and forward all other DNS requests to the internet - which I believe is not the standard setup for AD/DNS servers!
 

Mike2015

New Member
Jul 29, 2015
3
0
1
53
You can use forwarders in the DNS Server settings and put in the IP of your router / ISP DNS, and it will resolve internet addresses and AD IPs to hostnames fine.
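The DC-side checks that j_h_o's reply (forward lookup zone created at promotion, dcdiag) and Mike2015's reply (forwarders for everything outside the AD zone) amount to, collected into one script. This is an added example and not code from the thread. It assumes Windows Server 2012 or later with the DnsServer PowerShell module (installed with the DNS Server role) in an elevated session on the domain controller; the router address 192.168.1.1 is the thread's, while the AD domain name and the upstream resolver are placeholders.

```powershell
# Added example (not from the thread): checks to run ON the domain controller itself.
# Assumes Windows Server 2012 or later with the DnsServer module (DNS Server role)
# and an elevated session. The router address is from the thread; the AD domain and
# the upstream resolver are placeholders to replace with your own.
param(
    [string]$AdDomain    = 'corp.example',   # placeholder for your AD DNS name
    [string]$UpstreamDns = '192.168.1.1',    # router, or your ISP's resolver
    [switch]$FixForwarders                   # only change configuration when asked to
)

# 1. The forward lookup zone for the AD domain is created at promotion. Its absence
#    (or a zone of the wrong type) explains "Non-existent domain" for every lab name.
$zone = Get-DnsServerZone -Name $AdDomain -ErrorAction SilentlyContinue
if (-not $zone) {
    Write-Warning "No forward lookup zone named $AdDomain on this server; re-check the promotion and the DNS role."
} else {
    "Zone {0}: type={1}, AD-integrated={2}, dynamic update={3}" -f `
        $zone.ZoneName, $zone.ZoneType, $zone.IsDsIntegrated, $zone.DynamicUpdate
    # The _ldap/_kerberos SRV records are what other DCs and the DDCs use to locate
    # this DC; a zone holding only A records is not enough for AD to function.
    Get-DnsServerResourceRecord -ZoneName $AdDomain -RRType Srv -ErrorAction SilentlyContinue |
        Select-Object -First 5 HostName, RecordData
}

# 2. Reverse lookup zones are optional for AD; list them so it is clear that adding
#    one is not what makes forward (name -> IP) lookups work.
Get-DnsServerZone | Where-Object IsReverseLookupZone |
    Select-Object ZoneName, ZoneType

# 3. Forwarders: without them (or reachable root hints) the DC answers for the AD
#    zone but every Internet name fails.
$fwd = Get-DnsServerForwarder
if ($fwd.IPAddress) {
    "Forwarders: " + ($fwd.IPAddress.IPAddressToString -join ', ')
} elseif ($FixForwarders) {
    Add-DnsServerForwarder -IPAddress $UpstreamDns -PassThru
} else {
    Write-Warning "No forwarders configured; re-run with -FixForwarders to add $UpstreamDns."
}

# 4. Prove both halves from the DC's own point of view: the AD apex (its A records are
#    the DCs) and an external name, both asked of the local DNS service directly.
foreach ($name in @($AdDomain, 'google.com')) {
    try {
        $a = Resolve-DnsName -Name $name -Type A -Server 127.0.0.1 -DnsOnly -ErrorAction Stop
        "{0,-25} -> {1}" -f $name, (($a | Where-Object Type -eq 'A').IPAddress -join ', ')
    } catch {
        "{0,-25} -> FAILED ({1})" -f $name, $_.Exception.Message
    }
}

# 5. dcdiag's DNS test covers the same ground plus delegation and registration checks.
dcdiag /test:DNS /v
```

Run it once without `-FixForwarders` to see the current state; only the forwarder step changes anything, and only when that switch is given. Point the forwarder at the router or ISP resolver as Mike2015 suggests, then re-run so step 4 shows both the AD apex and the external name resolving through the DC.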