Zentyal Forum, Linux Small Business Server
Zentyal Server => Installation and Upgrades => Topic started by: codedmind on September 19, 2012, 04:33:13 pm
-
Hy there,
Please can anyone tell me how to remove the localhost line from resolv.conf?
Zentyal is my gateway, i have a server with 2003 that is the dhcp and the domain.
If i comment/remove 127.0.0.1 and first entry is domain ip in resolv.conf zentyal can ping/dig/nslookup any computer name inside my lan, if 127.0.0.1 is the first entry i only can ping to ip address inside my lan.
Any clue?
Thanks
[Thread resume]
Configure zentyal as gateway firewall dhcpclient, dns server, transparent proxy IN a domain
dhcp server:
search domain -> your domain name
primary server: local zentyal dns
secondary nameserver: empty
enable dynamic dns
dynamic domain (same as before)
static same as dynamic
dns server:
Enable transparent dns cache (important)
your domain mus be dynamic domain
in tab hostnames add computers that you have configured as static ip and don't will be dhcp clients
http proxy:
transparent check
-
I am having the same problem. We do know that it has something to do with ARP cache, but I do not have any details on how to resolve the problem yet. You are probably using windows 7 - let me know!
Thanks!
-
In my netwotk i have mixed OS.
Win XP, Vista and 7.
The main problem is with zentyal because dns.
The local interface (eth0) has a static ip 191.168.1.254 and the server domain ip is 192.168.1.2
-
Could you please explain further - or rephrase - what your problem is.
I understood that Zentyal is your gateway and internal Win2003 server handles DHCP server.
This Win2003 server is also your "domain" ??? but this I don't understand :-[ do you mean DNS ?
I also don't understand what "domain IP" means...
When you write that you can or can not ping depending on resolv.conf content, do you mean ping from any computer in your LAN or from Zentyal server itself?
What does resolv.conf contain and what did you configure on Zentyal server in term of DNS ?
Do you also confirm that resolv.conf content prevent to ping IP address? I'm a bit surprised. Do you mean ping "serveur outside of your LAN" rather than "IP address"? (meaning using FQDN)
-
Hy.
Zentyal is gateway ip -> 192.168.1.254 (hostname zentyal)
win2003K server (that is dhcp server, and domain controller aka mydomain.local) ip -> 192.168.1.2 (hostname server01)
Now in resolv.conf i have this:
search mydomain.local
127.0.0.1
192.168.1.2
8.8.8.8
8.8.8.4
With that resolv.conf from zentyal i can't ping server01, but can ping 192.168.1.2
If i comment 127.0.0.1
I can ping server01 and 192.168.1.2
I understand why zentyal have 127.0.0.1 in resolv.conf it is faster, but if i put it there i can't ping hostnames :|
another problem that i have is when i do a traceroute from zentyal
the first jump is empty....
traceroute to google.com (173.194.34.233), 30 hops max, 60 byte packets
1 * * *
2 94.46.225.9 (94.46.225.9) 5.063 ms 5.253 ms 5.535 ms
3 94.46.224.165 (94.46.224.165) 5.776 ms 6.285 ms 6.551 ms
4 94.46.143.21 (94.46.143.21) 11.739 ms 11.967 ms 12.186 ms
If i do the traceroute from another pc the empty jump is the second because the first is to zentyal... any clue?
-
Is DNS service started on you Zentyal server ?
-
Yes
Because i need http proxy i need dns and users module :/
-
Because i need http proxy i need dns and users module :/
This is a misunderstanding :-[
With HTTP proxy, you need Zentyal to act as DNS client, not DNS server. Stop this DNS server and this should solve your issue 8)
-
I will try it.
-
I believe setting a forwarder entry to point to the domain controller would also work.
-
Sure it may but what would be the purpose ? I mean running empty DNS forwarding requests.
DNS server would be useful here in case you don't want to run HTTP proxy but don't want users to resolve names using external DNS.
Relay to internal DNS ::) except if there is something I don't understand, of course :D
Furthermore, it looks like DHCP server is pushing Zentyal as default gateway (I hope ;D) but also as DNS ::)
-
yes zentyal is the default gateway
as dns what i should put in dhcp? 192.168.1.2 and 8.8.8.8 or i should put 192.168.1.254 (zentyal) and 8.8.8.8 and 192.168.1.2 only in wins?
thanks
-
- why would you want to set Zentyal (192.168.1.254) as your DNS server if this is not your DNS server (I assume that DNS server is your Windows server 192.168.1.2)
- setting 8.8.8.8 as DNS server for DHCP clients makes sense only if your DNS server can't resolve external names and also if you need to resolve such external names. If you use HTTP proxy and local SMTP, you don't need any external DNS for clients (at least for these services)
- this also assumes that Zentyal uses external DNS (e.g. 8.8.8.8) in network settings (this has nothing to do with Zentyal DNS service)
clearer now ???
-
A bit...
But 192.168.1.2 to get net pass trought zentyal... i only need 192.168.1.2 as dns because intranet computers...
-
If i disable dns i can't run http proxy :/
-
hmmmm, are you using transparent proxy >:( >:( >:(
and this also means, if transparent proxy is used, that if Win server is defined as DNS for clients, Win server can't resolve external names
-
Yes i want zentyal with transparent proxy..
-
What i pretend is have zentyal as gateway and as transparent proxy.
To have that i need have dns server running, but i can't configure it correctly because i have a domain too :/
In the moment i active dns server (because http proxy transparent) the 127.0.0.1 go to resolv.conf and i can't resolv intranet computers name
-
;D ;D I should not always focus on this but can't refrain myself: transparent proxy has a lot of side effects. One is what you just discovered: when transparent proxy is used, then name resolution is handled by client, not by proxy :P
This said, you can still use transparent proxy (you may have plenty of other good reasons to do this), just ensure that Win 2003 server (that is supposed to be defined as DNS for DHCP clients) is able to resolve external names (as I explained in previous post 8) )
-
Sorry but i'm lost it somewhere :/
i don't mind to have zentyal has dhcp and dns server, but zentyal must reconigze intranet computers.
I only keep win 03 server as dhcp server and dns server because i can't configure zentyal to work and the computers inside network see each others.
I assume the big issue is to configure dns server because domain and etc. The zentyal docs in this part ins't very clear, or i can't understand it, because i must keep the domain in win 03 server
-
I'm lost too :-[ do you mean to say that you keep Win 2003 server because Zentyal doesn't work as expected ?
If yes, then let me explain something:
- if, for your network zone, you maintain entries in Windows server DNS and if you define Zentyal as DNS server for this same zone without maintaining entries in Zentyal, then do not be surprised that it doesn't work 5meaning Zentyal will not resolve names for this zone he is suppose to maintain).
- if you want Zentyal to also resolve names for DHCP clients, Zentyal has to be DHCP server.
- except for DHCP client, Zentyal, as DNS, will never "recognize" intranet computers. You do have to maintain it manually.
Once all of this is done, then, trust me, Zentyal can act as efficient DHCP and DNS server. And if used with transparent proxy, then half_life's point is meaningful: activate forwarding feature at Zentyal DNS level
-
I do everything that.
I active dns server dhcp server in zentyal and http proxy. Disable dhcp and dns in win 03 server.
But then none intranet computers can find local computers
I can't ping from server01 to server02 for instance, only can ping from server01 to 192.168.1.3 (server02)
-
did you define server01 and server02 as hosts in DNS configuration ? (hostnames tab)
If not, then it doesn't work, obviously ::)
-
But i must define manually every computer in the lan?
If zentyal is dhcp server he shouldn't know?
-
see my post above ::)
- Yes you have to define every server that is NOT DHCP client.
- For DHCP clients, be sure you have enabled and configure the "dynamic DNS" section otherwise it doesn't work ;)
-
@Codemind.
Let's set the things straight for a second. Here is what i would recommend you.
Since Christian is trying his best to guess your setup and your intentions you will have some steps to clarify so we can help you
Do you need the W2K3 server in your lan ?
if NO then let's do all the steps from the top with zentyal
0 Start a fresh install of zentyal and a test machine
1 configure as DHCP and Domain controller
2 add your NON-DHCP machine in the dns section of zentyal
3 join your computers to zentyal
4 see if your computers access the internet (without proxy enable)
5 If your domain is ok and your test machine is getting outside then use transparent proxy.
If YES you DO require the W2K3 server as (DNS and DHCP) machine
1 configure zentyal as gateway
2 add the non DHCP clients (like the W2K3 server) to dns of the zentyal and configure hosts
3 set-up the W2k3 to be your DNS DHCP server and set the gateway to be zentyal machine and his dns
4 check that your clients are getting the correct config from dhcp server and are joined in the domain.
5 test if you can get out in internet from your clients.
6 configure Zentyal with proxy settings.
I hope i'm clear with what i say and not mistaking.
Please if there are any other opinions make the appropriate modifications.
Thanks and best regards
Bogdan
-
Hy ctek
I now do what Christian say.
But because now every company is working i must wait to apply the changes en zentyal at lunch time.
I do almost everything you said in second part.
win03srv is need because is the domain controller.
I put zentyal as gateway, dhcp server, dns server (adding manually all static hosts), and http proxy (transparent mode)
DHCP server will deliver the folling options to clients:
gateway: zentyal ip
dns 1: local zentyal dns
dns 2 : 8.8.8.8
wins: custom (192.168.1.2) ip from win03srv
Then i enable dynamic domain too
After i test it i will came with status.
Thanks to all.
-
Hello,
in the new version Zentyal uses kerberos and kerberos needs dns to find its resources. Since the resources are stored in the local user domains we need that the system uses our dns server.
-
If i use zentyal as primary dns server dhcpclient don't have internet connection :/
I change dhcpserver to put the follow dns
8.8.8.8
8.8.8.4
wins 192.168.1.2
And i think for now is working
PS: at least for windows 7 machine...
-
Thank you for the notification.
- Are we here running Zentyal 2.2 or 3.0 ?
- When will Zentyal publish doc describing this (I didn't check this morning but this was not available yesterday)
- Why not, if not already done, dedicated local DNS server providing service to Kerberos like you do with LDAP for Samba?
-
If i use zentyal as primary dns server dhcpclient don't have internet connection :/
This is not matter of "connection" but failure to resolve internet names ;) which is mandatory as you use transparent proxy.
It doesn't work mostly, I believe, because you did not set your local DNS to transparently cache, did you?
-
I'm running 3.0 updated
i can't ping from zentyal(or any computer) none of dhclients by theirs hostaname.
Any suggestion?
dmps@zentyal:~$ ping 192.168.1.123
PING 192.168.1.123 (192.168.1.123) 56(84) bytes of data.
64 bytes from 192.168.1.123: icmp_req=1 ttl=128 time=0.414 ms
64 bytes from 192.168.1.123: icmp_req=2 ttl=128 time=0.265 ms
64 bytes from 192.168.1.123: icmp_req=3 ttl=128 time=0.296 ms
^C
--- 192.168.1.123 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.265/0.325/0.414/0.064 ms
dmps@zentyal:~$ nslookup documentacao02
Server: 127.0.0.1
Address: 127.0.0.1#53
** server can't find documentacao02: NXDOMAIN
dmps@zentyal:~$ cat /etc/resolv.conf
search cariano.local
nameserver 127.0.0.1
nameserver 192.168.1.254
nameserver 81.92.193.1
nameserver 81.92.192.2
nameserver 81.92.192.3
nameserver 8.8.8.8
nameserver 8.8.8.4
dmps@zentyal:~$
-
did you check that you clients inherit from the right domain name and did you set up "search domain" field ?
well, I notice you perform this test from Zentyal itself. Is "search domain" in Network/dns section defined ?
what if you look for FQDN instead of hostname ?
-
Yes i have confirmed everything
from zentyal i can ping server01 (and in the ping the ping put the search domain) (but server01 is static The problem is other computers.
In dhcp i put wins 192.168.1.2 should i put 192.168.1.254 ?
The main problem in my opinio is the 127.0.0.1 because when i try the nslookup is the server who response.
dmps@zentyal:~$ nslookup zentyal
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: zentyal.cariano.local
Address: 192.168.1.254
Name: zentyal.cariano.local
Address: 94.46.225.18
Name: zentyal.cariano.local
Address: 192.168.0.1
dmps@zentyal:~$ nslookup server01
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: server01.cariano.local
Address: 192.168.1.2
dmps@zentyal:~$ nslookup documentacao02
Server: 127.0.0.1
Address: 127.0.0.1#53
** server can't find documentacao02: NXDOMAIN
-
is documentacao02 DHCP client? If not, is this server defined as hostname in Zentyal DNS?
Regarding WINS: which one is your real WINS server ? Windows or did you also set up Samba (file sharing) in Zentyal. In any case, in order to avoid ping pong game, you should have only one master browser. If Windows server is to be kept as file server, keep it as WINS server too. Emulating Windows is never better done than by Windows servers ;D
-
Yes documentacao02 is dhcp client.
And yes, windows 03 server is to keep and is ip is 192.168.1.2
-
look at you DHCP client and check what is the IP config. Is domain aligned with Zentyal domain?
What does "static domain" contain in the DHCP/Dynamic domain section ?
-
Dhcp client
receive 192.168.1.254 as gw
dns 8.8.8.8 and 8.8.8.4 and search domain is cariano.local
The same goes to resolv.conf in zentyal
dmps@zentyal:~$ cat /etc/resolv.conf
search cariano.local
nameserver 127.0.0.1
nameserver 192.168.1.254
nameserver 81.92.193.1
nameserver 81.92.192.2
nameserver 81.92.192.3
nameserver 8.8.8.8
nameserver 8.8.8.4
-
In Zentyal, "nameserver 127.0.0.1" & "nameserver 192.168.1.254" in resolv.conf are strange as both point, at the end, to same DNS server isn't it?
Regarding your DHCP client, what is missing to confirm we have the right setting, if client FQDN.
Is or not your client part of "cariano.local" domain ?
Search domain and DNS domain can be different. you could f.i have DNs domain = dynamic.cariano.local but search only for cariano.local because all servers are at the root level.
In such a case and with such search domain in Zentyal, you will never find client.dynamic.cariano.local
BTW, did you try, as I asked you, to resolve FQDN, just to be sure we do not take in account in our long debugging session, potential issues due to search domain.
-
Yes.
documentacao02 is part of domain cariano.
dmps@dmps-desktop:~$ nslookup documentacao02
Server: 127.0.0.1
Address: 127.0.0.1#53
** server can't find documentacao02: NXDOMAIN
dmps@dmps-desktop:~$ nslookup documentacao02.cariano.local
Server: 127.0.0.1
Address: 127.0.0.1#53
** server can't find documentacao02.cariano.local: NXDOMAIN
dmps@dmps-desktop:~$ dig documentacao02
; <<>> DiG 9.8.1-P1 <<>> documentacao02
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57459
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;documentacao02. IN A
;; AUTHORITY SECTION:
. 1762 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2012092000 1800 900 604800 86400
;; Query time: 84 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Sep 20 16:22:26 2012
;; MSG SIZE rcvd: 107
dmps@dmps-desktop:~$ dig documentacao02.cariano.local
; <<>> DiG 9.8.1-P1 <<>> documentacao02.cariano.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18733
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;documentacao02.cariano.local. IN A
;; AUTHORITY SECTION:
. 1755 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2012092000 1800 900 604800 86400
;; Query time: 56 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Sep 20 16:22:32 2012
;; MSG SIZE rcvd: 121
dmps@dmps-desktop:~$
About resolv.conf the 127.0.0.1 i can't remove, i can remove 192.168.1.254.. but don't change nothing :|
(http://imageshack.us/a/img6/2636/capturadeecrade20120920.png) (http://imageshack.us/photo/my-images/6/capturadeecrade20120920.png/)
Uploaded with ImageShack.us (http://imageshack.us)
-
so remove this useless "192.168.1.254" ;) it will avoid to request local Zentyal DNS once from localhost and once from internal NIC
As you play with "dig", why not trying "dig documentacao02.cariano.local." ? (notice the leading dot here)
-
removed 192.168.1.254 from resolv.conf
the dig result
; <<>> DiG 9.8.1-P1 <<>> documentacao02.cariano.local.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17528
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;documentacao02.cariano.local. IN A
;; AUTHORITY SECTION:
cariano.local. 86400 IN SOA zentyal.cariano.local. hostmaster.cariano.local. 2012092042 28800 7200 2419200 86400
;; Query time: 8 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Sep 20 16:33:33 2012
;; MSG SIZE rcvd: 101
-
So, clearly, your "documentacao02" server is not yet registered in your Zentyal DNS server.
Can you see it in the DHCP leases (dashboard) ? if yes, then I suppose there is either misconfiguration or bug (I didn't try Zentyal 3.0 DHCP yet)
-
yes i can see it there. so i can see the ip address and then ping it :/
-
So, to summarize:
- DHCP is configured with dynamic DNS
- clients get IP and are in the right domain (cross check this twice and check again, in DNS section that your domain is shown as "dynamic")
but you can't resolve names for DHCP client.
In such case, I suggest you create a ticket.
BTW, you should also change, in DHCP, primary DNS setting: there is no reason to use 8.8.8.8 as Zentyal DNS will act as local cache and save you some bandwidth and latency.
-
hmmm in dns server settings the domain isn't in dynamic
how can i change it?
-
ok, THIS is the point ;)
I suppose it become dynamic based on DHCP configuration only. Did you try to restart both DHCP and DNS services as I'm not sure this setting is... dynamic ;D
-
hummm ok give me two hours then i will reboot all zentyal.
-
restarting DHCP as NO impact on clients, except if someone is asking for a new lease, which is very unlikely.
DNS restart is very fast too ;-)
but it's up to you.
-
that i have done yet and domain isn't dinamic
-
I don't know how to help further :-[
You could still try to delete and create again this domain in DNS section, assuming you don't have too many host to be then manually created.
Next step, if you still want to reboot and if it still doesn't work, will be ticket at support.
-
ok dynamic domain is active
but didnt aolve the problem :(
-
How did you activate it (just curious) ?
What I suggest now that DNS is active, is that you renew lease from one client. Registration in DNS should only happen, for what I understand, when lease is issued or perhaps renewed. Rebooting server will not help as lease is still valid. Reason why you new to release and renew from client side.
-
i restart dns and dhcp and then it is done...
I will now reboot the zentyal, with that i will assume dhcp will atribute new leases, right?
-
dmps@zentyal:~$ cat /etc/resolv.conf
search cariano.local
nameserver 127.0.0.1
nameserver 192.168.1.254
nameserver 81.92.193.1
nameserver 81.92.192.2
nameserver 81.92.192.3
nameserver 8.8.8.8
nameserver 8.8.8.4
dmps@zentyal:~$
This looks like a very "strange" configuration for me - especially knowing you are running "Infrastructer / DNS" as a Zentyal service (for good reasons).
- there is a non-functional entry: the last line is simply wrong. Probably you wanted to enter 8.8.4.4:
~$ host 8.8.4.4
4.4.8.8.in-addr.arpa domain name pointer google-public-dns-b.google.com.- in my opinion there are much too many entries. On my systems there are usually two or three of them. Not more. If all three fail I have other severe problems than name resolution.
- I wonder if you understand which computer is actually using these entries: these are only used by the so called "resolver" locally on the server system, not for the clients in your local network. The clients will/must use the server defined in their DHCP query/answer. Running Windows as the main clients host OS it is a MUST to make them use this Zentyal machine running Samba. No other name servers (also no secondary or "Spare" server are of any use - except if the secondary one replicates the data from the primary machine.) Samba 4 requires this. You can not choose.
So I am convinced that on a Zentyal/Samba machine you need to prepare the local DNS Server to know some (two or three) Forwarders which will then automatically will be queried to resolv external DNS-Names/IP-Adresses. When BIND is configured correctly
- the machine running the DNS-server and Samba should only contain nameserver 127.0.0.1 in /etc/resolv.conf to get consistent behavior.
- the clients will list nameserver ip-adress-of-zentyal in that file.
Test it on a command line on the host
~$ nslookup www.google.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
Name: www.google.com
Address: 173.194.69.105
...
The very same query must work on Windows clients in your LAN.
Perhaps this helps...
Best regards
-
no... wrong assumption :-\
Once lease is acquired by client, :-\whatever DHCP server status, this lease is valid. reason why rebooting is useless as I explained above.
What you need to do is to renew this lease, from client side.
-
@UdoB:
although you're not wrong, his problem was, but it took time for me to understand :-[, that DHCP was not registering dynamically hosts in DNS.
no more nor less.
It took time to get there because he had implemented some workarounds, using Windows DNS mixed with need to resolve external names but not via Zentyal DNS... well nothing simple while initial problem is quite simple.
At least we progress. I believe we are almost done now. This is just a matter of renewing lease so that is triggers registration in DNS ;D
-
@codedmind: in case I was not clear enough, DHCP client on which you have to renew DHCP lease is the server or client you want to ping or reach because this is the one to be registered in DNS. for testing purpose. other DHCP clients will renew their lease at 50% of max lease duration, this is populate your DNS.
-
Weel now i'm working remotly the thing is more difficult ... after reboot i loose http connections from clients (loose access to zentyal web)
anyway, remove zentyal-squid from terminal and up running again.
Please can we start from de begin :)
From network i will remove all the dns entry (this way only 127.0.0.1 will be in resolv.conf)
dhcp server should give what nameservers? zentyal ip plus one ou two nameservers like 8.8.8.8 and 8.8.4.4?
I must install samba in zentyal to run dns server?
-
:o :o :o why do you want to restart everything from scratch ???
Furthermore, rebooting was not mandatory ::)
I suggest we do not discuss content of resolv.conf or any other file but focus on Zentyal configuration from GUI. Do not take it the wrong way but for the time being, given debate we have, I don't think you have yet reach the stage where we can look at config detail from CLI.
Zentyal as DNS client:
this is configured in network section ! be sure to add here some external DNS otherwise you will never resolve any external name
Zenyal as DNS server: do not change anything now that DNS is dynamic. Ensure DNS acts as cache.
DHCP server:
you can (should) push Zentyal as DNS server for clients.
adding external DNS is useless (again)
No you don't need to install Samba to have DNS working (furthermore you will not be able to do it because your network domain is not supported, due to the "local" TLD >:(
-
dns as client
127.0.0.1 (mandatory
8.8.8.8
8.8.4.4
dns server:
still dinamic and
Enable transparent DNS cache checked
dhcp server
dns 1: zentyal
dns 2 empty
-
ok, then try after you have renewed DHCP lease of client you want to reach or test.
You can check in syslog that request is performed to update DNS content.
-
Now i can't force none dhcl client to renew the ip...
For the servers (static ip) what dns they should use? zentyal and empty too ??
In zentyal where i can see a table (if exists) of ips from dns cache ... or i can't?
-
Well no juice i can start up a virtual machine and i think now its fine and working.
the first nslookup return an error but in the second try it work
Tomorrow i will confirm with all other computers...
Thanks again to all
-
Please once you have confirmed it works, edit the very first post of this very long thread and modify subject, inserting [SOLVED] as explained [ur=http://forum.zentyal.org/index.php/topic,4139.0.htmll]here[/url].
I hope you learned, during this investigation, as much as I did :)
It's always amazing, at least from my side, to realize after lot of exchange, that technical problem was very simple but the two main issues are, as often, communication and alignment regarding basic concepts (here: how DNS works).
If you look carefully at what you have now in term of design, this is no more nor less than what standard documentation describes ;D
Keep in mind limitation I raised about Samba and .local TLD 8)
-
Hy there.
Every computer can ping and hostname too. The problem, none of them can surf the web, only if i disable transparent proxy :/
But i need transparent proxy :/
-
how do you "disable" transparent proxy?
(I know this is not always easy but in order to save us time, could you please try to be more accurate: e.g. here, do you mean switch from transparent to explicit proxy or stop proxy service?)
-
I go into http proxy settings and uncheck
Transparent Proxy:
-
and doing this, you can access internet from your LAN ?
This means that either your firewall authorizes HTTP flow or than your client is configured to use proxy.
It would help if you could translate the "none of them can surf the web" into something more technical like an error message or browser behaviour ;)
I first though that it could be again DNS issue but if you can surf bypassing proxy thanks to permissive FW rules, it means that you client is have to resolve external names. BTW, could you please perform this test (e.g. nslookup www.zentyal.org)
-
Erro 102 (net::ERR_CONNECTION_REFUSED): O servidor recusou a conexão.
-
hummm, are you trying to access HTTPS site ?
what is the URL, if I can ask?
-
in that case is google.com...
After some time i go and activate again the proxy and loose all the access (even to zentyal) remove zentyal-proxy via terminal
Go to web gui add http proxy again, and now is working... even with http transparent proxy :| very weird...
I will keep monitoring this situation.
By now i can ping some hostnames from dhcpclient (brand ones) others no because must wait for new leases... (i went to one do a ipconfig /release and ipconfig /renew) but the pc get the same old ip ... and i can't ping the hostname
-
or you can wait for lease to be renewed automatically at 50% of lease life if you are not in a hurry (I hardly understand it can be that critical to have ALL workstations able to ping in a meshed way)
Please stamp this huge thread solved when it's solved (and I believe it is now)
-
Thread solved.
Now waitting like you said for new leases...
Thanks too all one more time :)