How To Set a A Static IP Address In Windows – Server Basics

A lot of my articles, and IT work in general requires setting a static IP address up for your Windows Server or PC. So here’s how to do it.

Note that this procedure will work equally well for Windows 10, and Server 2016. The procedure is fairly similar for Server 2008 and 2012 though it’s easier to go through the “Network and Sharing Center” to get to the Adapter Settings. The idea is pretty similar for Windows 7/Vista. If you’re using Windows XP, it’s still pretty similar but getting to the Network Properties Window is different.  This guide is specifically for Server 2016.

How To Set a Static IP Address in Windows Server 2016

Step 1 – Click the Start button and then click the gear button on the left hand side of the start panel. This should bring up the Settings Window.

Step 2 – Select “Network and Internet”

Step 3 – Select “Ethernet” from the left hand side. If you’re connected with WiFi, you can click that, it’s all going to the same place eventually anyway. 

Step 4 – Under related settings click on “Change Adapter Settings”. You can also get here in fewer steps by opening the Control Panel, changing the view to “Large Icons”, opening the “Network and Sharing Center” and clicking on the “Change Adapter Settings” on the left.

 

Step 5 – Find your active Ethernet Adapter and right click on it and hit properties. Many actual servers have two when they come out of the box, so if you’ve got it hooked in to your router it’ll be the one that isn’t grayed out. My server is just a fancy PC so it just has one. Normal PC’s usually just have one, so it’s pretty easy to figure out. If you’re trying to do this for your WiFi adapter, right click on it and hit properties, the process is the same.

Step 6 – Most networks are still IP4 so click on TCP/IPv4 settings and hit the “Properties” button.

Step 7 – Enter your static IP address information. If you aren’t sure exactly what to put here, refer to the quick and dirty network guide at the end of this article. I’ll post a better one later for setting up a basic flat network.

Step 8 – Click OK on everything and you’re done!

Quick and Dirty Network Analysis Guide

So you know you server needs a static IP but you don’t really know how to figure out exactly what IP to use? Or even what to put in the DNS information? Well here’s a few tips. Keep in mind this is a method I’ve used for small networks where I had no information going in and it works pretty well but is by no means 100% fool proof. There are things in more complicated networks that can cause this not to work, but for most small to medium sized business and home networks this is a good way to go about it.

Step 1 – Determine Network IP Layout

Find a PC already on the network, open a command prompt and type “ipconfig /all” and hit enter. This should bring up all kinds of network information. You’ll see an IP address, subnet mask, gateway and DNS servers, DHCP server, and other stuff. Write it all down. It’ll probably look something like this on a small network.

IP – 192.168.1.102
Subnet Mask – 255.255.255.0
Gateway – 192.168.1.1

DNS Server: 192.168.1.1
Alternate DNS Server: 8.8.8.8 (may not even have one)

DHCP Server: 192.168.1.1

This is probably a basic network. Again, write it all down, it’s important. Other IP schemes could be something like 10.1.1.1 or 172.16.0.100 or something like that. This method really only starts getting weird on big networks with subnet masks like 255.255.0.0 or really small ones with masks like 255.255.255.240. If you see that, you will probably need to do some additional research.

Step 2 – Find a Free IP address that Hopefully Is Not In DHCP Range

If the IP address is something like 192.168.1.100 or 192.168.1.103, there aren’t many computers on the network, and the DHCP server is the same as the gateway, you’re in luck. It’s a super basic network. If the DHCP server is different, it still doesn’t matter much it’s just something to keep in mind. Likely the range is 192.168.1.100-192.168.1.200. So just cross those IP’s off your list of possibilities.

Personally, for servers I like to start low. So open a command prompt and type “ping 192.168.1.2” and see if you get a response. If you do, type the same thing except change that last 2 to a 3 and keep doing that until you don’t get a response. When you don’t get a response, that’s you’re IP address. Likely as not you won’t get one on your first try if it’s a really small network and they don’t have a server, but there might be some network printers or something in the way and you don’t want to have conflicting IP addresses.

Now if it’s a regular PC or something I like to start higher, so I personally would start at around 240 and start pinging.

Step 3 – Enter the IP Information Into your Server or PC.

Take your newly found IP address and the information you wrote down and enter it into the server using the steps above. Make sure it matches. Practically every time this will work. If you get a “Duplicate IP Address” warning just go back to pinging on a working PC until you find another free one. Sometimes firewalls or something have pinging turned off. There is also free network scanning software you can download that will make this process a lot faster.

Note: If anyone has a better, faster, or quicker way to find a free IP address that you can do from a normal workstation on a network or something I’d be glad to post it. Like I said, this is the method I’ve been using for small networks for a long time where I’ve had no information going in and just needed to install a printer or appliance or something.

How To Set Up A New Windows Domain – Server 2016 Essentials

I had some extra hardware lying around, and my trusty backup drive got full so, I decide it was time to build a lab environment so I could develop stuff easier. This involves, to start with a Windows Server 2016 Essentials server. Hopefully everyone out there will find the process I’m going through to set this all up useful.

One of the first steps is creating a Windows Domain. There’s a pretty good TechNet article on this that gives some really good advice for people new to the industry. There are a few things you don’t get to do often in IT, and creating a domain from scratch, unless you routinely install Windows systems for customers is one of them.

The process for creating a Windows domain is pretty simple and basically the same on newer versions of Server. You set up the server, give it a static IP, promote it to a domain controller, and follow the wizard. It reboots a couple of times, and you have your very own Windows domain.

Once you do this you pretty much can’t go back, so you have to make some decisions and give it some thought beforehand.

Now, like the TechNet article this is mainly for relative beginners with a network requiring one domain controller (possibly two), small to medium size business owners, and technicians just starting to dip their toes into these waters. This is not for Enterprise IT guys with a huge domain forest. You guys already know what you’re doing. If you’re starting out and you feel your network is big enough for ten domain controllers, three sub-domains and has five thousand users, consider hitting that contact form up there. Also I’m using the Essentials version of 2016. The processes I’ll be describing in this and future articles are similar but not exactly the same as what you’ll find in  Standard and Datacenter versions.

Considerations For Naming Your Windows Domain

This is where I’ve seen the biggest mistakes made. You need to answer a few questions and do this very deliberately. Now fortunately, Microsoft has some very good defaults that make this a little easier, but it probably wasn’t always this way.

Questions

  • Do I have a website and email that’s hosted somewhere outside my premises?
  • Will I ALWAYS have that website/email domain or could it be changed it in the future? (Less important)
  • Do I like making really creative changes to my DNS to make things work because I named my internal domain the same as my external hosted domain?
  • Is anyone actually going to care that the internal domain doesn’t match our external website? (The answer is likely not).

The reason is, and let’s use this website as an example. Say, GoDaddy hosts WorkendTech.com and its email. I then name my internal domain “WorkEndTech.com” as I’ve seen many people do. When I pull up a website on any computers attached to that domain, using my domain controller as a DNS server, I won’t able to reach my website, or get e-mail. This is because internally “WorkEndTech.com” is now referring to my domain controller(s), not GoDaddy’s hosting. Also my email will  not magically start going to my email server because I set up an Exchange server to start accepting email for that domain.

This should seem obvious but, you have to tell everything on the Internet where you want that stuff to go. You will then also have to tell your own internal DNS servers that you want “http://WorkEndTech.com” to point to something on the internet, and if your host doesn’t have a static IP assigned to your website, or if they change name servers sometimes, which they may, this can get super annoying. Also, remember once you set the domain up it can’t be changed without wiping the domain controller and starting over.

Now if you host your own website, email, and all that other fun stuff on the very server you’re setting up, this is irrelevant and you might actually consider naming your website and internal domain the same thing for convenience. You can name it something else and point your internal stuff to an internal server a lot easier than the situation above.

Consider using the .local extension for your domain heavily. That way you can differentiate it from your external domain. By default Microsoft will assign it this way.

Setting Up Your First Domain Server 2016 Essentials (And other versions of Server)

So you’ll need a few things before you start.

  • A Static IP for your server.
  • A name for your domain (See considerations above).
  • A hostname for your server.
  • Internet Access for your Server (OK this is breaking some security rules, but it makes time synchronization easier. If your router has an NTP server on it, just network access will do).
  • About 30 minutes.

Step 1 – Install Server 2016 Essentials on your machine. Just get the DVD or use a Bootable USB drive.

Step 2 – Give your server a static IP.  Reboot the server. Ignore the “Configure your Server” wizard that pops up. It’ll pop  up on reboot. You can even close it. I’m not sure how to make it pop back  up manually, but rebooting seems to work fine.

Step 3 – A wizard for “Configuring Your Server” should pop up automatically. Read it, click Next.

Step 4 – Make sure your Time Zone and Date/Time are correct.

If the time and date and time zone aren’t correct hit the “Change System Time and Date Settings” and you need to change the time zone here. Usually it’s just the time zone that’s wrong as it is always set to US Pacific time by default. Click Next once that’s all set up.

Step 5 – Enter your company name. The wizard will suggest a domain name and host name for your machine. With mine, I put in WorkEndTech. It suggested WORKENDTECH as the domain and WorkEndTeServer. Obviously I changed it.

I changed my server name to just WorkEndTechServer and made sure my domain was WorkEndTech.local. You can make doubly sure or change the full domain name by clicking the “Change Full DNS Name”. I highly suggest doing this just to make sure.

You can also go with a different naming scheme for your servers, changing the host name will in no way affect the domain name. Click Next.

Step 6 – Create a network admin username and password. I’d suggest against “administrator”. You can use your own name. I went with WorkEndAdm. Click next.

Step 7 – Choose whether you want to use the recommended security settings or do that all later. I just went with the recommended and clicked next. You can tweak those security settings later if you’d like.  Click Next.

Step 8 – The wizard will then start setting up your server as a domain controller for you. This process can take up to half an hour depending on your hardware. I’ve seen some take as little as three or four minutes. It will reboot, continue to set up, and possibly reboot again.

That’s it. You’re pretty much done. The server is now a domain controller. You can now start joining client PC’s to it, making group policy stuff, adding users into to Active Directory, and adding roles and features.

 

 

Fix External and Internal Email Server DNS Conflicts

This might be an old trick, but it’s never been one I  have been able to easily remedy. I’ve worked and done a lot of jobs at a lot of places where this has been a problem, especially on Windows networks. With Linux-based DNS servers, this isn’t such a huge trick.

When you set up a Windows domain for a company, let’s call it “Widget Core”, and they host their own email, let’s call it “widgetcore.com” you generally do this. Their local Windows domain is usually called something like “widgetcore.local” and their website and email domain is widgetcore.com. So when you set up an Exchange server you point their MX records with their domain registrar something like this:

widgetcore.com
widgetcore.com MX preference = 0, mail exchanger = mail.widgetcore.com

Internally they might look like this:
internalmailserver.widgetcore.local MX preference = 0, mail exchanger = internalmailserver.widgetcore.local

Note: I modified this from an NSLOOKUP. Your registrar might call the preference “priority” or “weight”.

The problem is that if you set up someone’s company email on their phone, they won’t get company email over the company wireless. That is unless maybe the Exchange server is in a DMZ or you’ve got something else elaborate going on. If you named the internal domain “widgetcore.com” you couldn’t get to the company website inside the Windows domain and all sorts of other problems would crop up.

There is however a simple but non-obvious fix. Just add another forward lookup zone in Windows DNS.

Resolving Different External and Internal Server Names In A Windows Network

Step 1: Open your DNS Manager. I like to install the Administration Tools on my workstation so I don’t have to remote into a server. You can just connect to a DNS server this way. Here’s a link for the Windows 7 version.  Here’s the Windows 8.1 Version.  Here’s the Windows 10 Version (Technical Preview). 

Step 2: On one of your DNS Servers, drill down to the “Forward Lookup Zones” and right-click directly on “Forward Lookup Zones” and click “New Zone”. A wizard will come up. Leave everything default until you come to the “Zone Name” screen. Name the zone EXACTLY what the name of your email server is on the internet. In the case of Widget Core, it would be mail.widgetcore.com.

DNS Zone Name

On the next screen in the wizard, leave it on the default “Only allow dynamic updates”. You can set it to something else if you want, I can’t see how it would matter, but you’d probably have to update every single DNS server in your domain if you want to add something here.

Finish the Wizard.

Step 3: Right click on the new Forward Lookup Zone you just created and select New, then click “New Host (A or AAA)”. Leave the name blank, and just put the internal IP address of your mail server in the IP address field. Click OK. You should see the record you just created. The name field should say “Same as parent folder” and the IP address or “Data” field should have the IP of your mail server in it.

A Record Setting

Step 4: Ping the internet address of your mail server and see if it doesn’t resolve to the internal IP address if your e-mail server. If so it’s a success.

Now, both your internal and external host names should resolve to the same IP address on your local network. This should resolve your problem of cell phones connected to your email server not being able to connect while on the company Wi-Fi network. There are other ways to fix it, but this is the simplest I’ve seen and doesn’t need a lot of messing around with the network or doing anything weird with your registrar/web host. This also is the first step in fixing a really annoying Outlook problem that can occur with certificates.

How To Child Proof Your Internet At Home For Free

A lot of people ask me this and unfortunately it’s one of those hard things to just tell someone how to do verbally. A lot of parents want to filter the internet for their kids, something that I don’t blame them for. I will post a few really hard to bypass methods, but this one is tough enough to get around that your average middle schooler probably won’t have enough skill or knowledge to bypass. It is also super easy to implement.

This is the DNS blocking method of parental control. The great thing about it is that you don’t need any special software on your kid’s computer. This is filtered past the router level and for the most part works very well.

The quick and dirty method of blocking adult content is by using OpenDNS’s preconfigured FamilyShield Method. I would also like to point out that a nice side effect of this method is your internet will be a bit faster as far as finding websites are concerned. A drawback is you might see just a touch more advertising when you make a typo on a web address.

Use Open DNS FamilyShield

Step 1 – Log into your router. You can check my “Setup Home Wi-Fi” article for how to child proof your router. Added benefit, this will keep people on the street out of your home internet service too.

Step 2 – Go to the section where you set up your DHCP server, most of the time this is under network settings. On Cisco/Linksys routers (which I recommend) this actually on the first screen you see (basic setup). Look at the DNS servers. Usually this will have your router address under the fist entry. Change the DNS settings here to:

DNS 1: 208.67.222.123
DNS 2: 208.67.220.123

Click Save

Step 3 – Once these changes are committed (make sure your router address is not in the DHCP server DNS list), reboot everything in your house so they get the new DNS settings.

This is all you should have to do, you may need to reboot things a few times before it takes effect. If you’ve got some weird brand of router this will still work, but you’ll want to go to opendns.com and check out their instructions, they’ve got a pretty comprehensive router database.

Note: If you have AT&T DSL, their tech support people can probably walk you through this. Just tell them you’d like to change your DNS servers to OpenDNS so you can filter the internet for your kids. Just give them the numbers above and they will likely walk you through all this if you have one of their 2WIRE modems.

Now a lot of IT professionals will tell you this is fairly easy to bypass. If you’ve got a kid who’s really good with computers, they might figure out how to bypass it. If you are a parent, e-mail me and I can tell you how to bypass this on your own devices.

I have a somewhat more advanced, more difficult to bypass method involving a Cisco/Linksys router and DD-WRT that I’ll be publishing soon. It’s cheaper than what I consider the BEST method, but definitely not free (unless you’ve already got the router, don’t mind messing with it and don’t mind paying roughly $5 more a month for internet).

Quite frankly this is not the best option but it’s free, and for most families it’s good enough. If you want to know how to do this right and make it tough for your children to get around even if they know that one kid who knows everything about computers, check back here for an article on one of the best pieces of hardware a parent can buy.

If you found this information useful please comment (I LOVE novel length comments!), Facebook about the blog, tweet the article (check out the buttons below) or send me a note on the contact form up above. Also check out that Amazon ad below, there’s usually something good in the rotation.

 

 

Intermediate Home Internet Troubleshooting

So  you’ve having trouble with your internet at home. It may or may not be completely down and you are trying to figure out where the problem is. It might be slow, it might drop off a lot.  Your router and modem have been rebooted many times, but before you call Tech Support and get told to do that all over again, you want to know what you can do.

Well fortunately there are a few things a home user can do to check their internet and see potentially what the problem is before calling Tech Support. The first thing you should do if you haven’t already is go through my “How to Fix Most Internet Problems” article.

Here’s what to do if you are completely down:

Check If You Are Resolving DNS

Resolving DNS is fancy IT speak for, “Can your computer find the IP address of a site by its name.”  It actually means more than that, but for home use the following overly simple explanation should suffice.

Every website on the internet has an associated “IP Address” so that your computer can know where that website is located on the web. When you type ‘google.com’ into your web browser, your computer asks a Domain Name Server what the IP address for google.com is. It then takes the returned IP address and goes to the site. For instance google.com’s IP address as of this writing was ‘74.125.227.105’. If you copied and pasted that IP address into your browser it would go directly to google.com.

What you want to find out is if your computer can look up a DNS address. This assumes you are logged in as an administrator account on your Windows 7 computer.

Step 1 – Open a command prompt by clicking your start menu and typing “cmd” into the search box and hit enter.

Step 2 – Type “ipconfig /flushdns” and hit enter.

Step 3 – Type “ping google.com”. You should get something very similar to this back:

If you only get the first line where it says “Pinging google.com [74.125.227.105]” but then no replies it means you are at very least resolving DNS. That means that your router is at least seeing your ISP’s domain name servers and they are responding. It also means you aren’t getting traffic back from the internet. The blockage is MOST likely on your service provider’s end.

If you get a “Host not found” error, it means you flat aren’t connected to anything. This could show a bad router, modem or even bad settings in your computer. So let’s try and eliminate the computer as the culprit.

Check your Network Settings

If you followed my advice on setting up home wi-fi then follow these instructions here to make sure your computer’s settings are correct.

Step 1 – Right Click on the network connection icon down by your system clock and select Open Network and Sharing Center. Note: If you connected wirelessly, this will instead look like a cell phone’s signal icon with the five bars.

Step 2 – Click on “Change Adapter Settings”.

Step 3 – Right click on the active network connection and select “Properties”.

Step 4 – Select “Internet Protocol Version 4 (TCP/IPv4) and click the “Properties” button.

Step 5 – Make sure your settings match the picture below.

If the settings are set to “Use the following” on either of those, and you followed my guide to setting up your router, the settings are just wrong and fixing that will probably solve your issue.

Step 6 – Click OK on the TCP/IP properties window, and on the adapter properties window. If you made any changes you will need to wait a few seconds for your computer to apply them.

Step 7 – Check and see if you can resolve DNS now. If you can, try opening a website.

If this doesn’t solve your problem then the next possibility is a bad router.

Router Issues

The easiest way to take the router out of the equation is to hook your computer directly into your modem and see if that solves the problem.

Step 1 – Find the cable leading from your router to your modem. On the back of the router it’s the cable in the port marked “Internet” or “Modem” if you have a normal home grade router. Disconnect this cable from the router and plug the end that used to be in the router directly into the ethernet port on your computer.

Step 2 – Unplug the power from the modem, count to ten, then plug it back in.

Step 3 – Once the modem has booted up completely, try resolving DNS.

If that worked then it’s probably your router causing the problem. You can reset it back to factory defaults then run through my Wi-Fi guide again and see if that fixes the problem.

If it doesn’t work it’s PROBABLY your modem, or the ISP. At this point you should really call tech support and see if they can’t help you. Sometimes telling them you did these things will speed the process up.

If you have another computer with an ethernet port on it, it’s a good idea to test a second one just to make sure it isn’t your computer. Most of the time it isn’t because other devices in the house will be connecting fine, and that computer won’t.

NOTE: Some ISP’s like AT&T might sell you a modem that is also a router, they typically call these “Gateways”. You might also have a modem/router combination for your cable internet. If this is the case you typically need to call tech support anyway.

Please be aware that if you have AT&T’s DSL service and you got one of their 2WIRE gateways, you’ll be happy to know that unlike most ISP’s AT&T fully supports this hardware. Their tech support agents can either walk you through fixing most basic networking problems with it or actually resolve the problem from their end by logging into it themselves. This is very convenient if you aren’t very tech savvy.

Slow Internet Troubleshooting

This problem is a little more vague and hard to pin down than being completely down. For one you need to know what speed internet you’re paying for. Let’s assume you are getting 3mb download speed, and 1mb upload. This is a common plan across the US.

Step 1 – Go to speedtest.net.

Step 2 – Click the “Begin Test” Button. Wait for the test to complete.

When it completes, as long as you aren’t streaming videos or have some other device using the internet, you should get something within 10%-15% of your speed back. So if you have 3meg/1meg, your download speed should show something like 2.7 at the lowest, and your upload should be .8-.9 at the lowest.

If it is lower than that your ISP may be having a problem. You can eliminate your own hardware by running a speed test on another device. If it shows the same, turn off all internet using devices except the computer you are on, your router and your modem. Run the test again, see if it is still the same.

If the speedtest never gets better, you should call your ISP and see if they can fix it. Sometimes things just come loose on their end, settings get screwed up, etc.

If it is better on another device consistently, you might want to run some anti-malware software on that computer or call someone to check it out for you.