win2k server, dns & ics giving me problems!

i'm using one win2k server machine for my dns, dhcp, & ad. this machine has a pci modem which i use to dial-up to the internet. upon enabling ics, my ip is set to 192.168.0.1, & i have configured my dhcp scope accordingly. the current scope options are pointing the "router" (default gateway) option to 192.168.0.1, pointing the "dns server" option to the same ip, & defining my domain name. on-demand dialing is enabled for ics & my dialup connection is configured for dhcp. as it is merely a home lan, & i am not constantly connected to the internet, i have not registered my domain.
dns is configured with one fwd & one rev lookup zone. they are both ad integrated, & the server is a root server, which doesn't allow me to enter forward'ers or root hints thru the gui.
a check with ipconfig & nslookup both confirm that all options that i have currently enabled are working. pinging back & forth across the network is possible & both files & printers are successfully shared.

the problem is that attempting to access the internet via a win2k client machine will always bring up error msg's. no outside internet content is available to any machine on the network besides the server; however, pinging my isp's dns server (or any other internet ip) from the client machine is possible.

the only reason i've setup dns on my server is because it is "recommended" for best ad performance. previously, under a different installation (w/out dns), internet content was served to the entire network (which consists of not only win2k, but win98, linux & unix machines) without problems.

have tried adding the ip address of one of my isp's dns servers to my dhcp scope options & configuring dns to note that server as a 2ndary server for the zone; with no luck.

any help would be appreciated.

The reason why you are receiving errors when trying to view web pages on the internal network is becauses name resolution is not available, ICS installs its own (cut down) version of DHCP and DNS to invisibily assign and control internet connections internally. The problems comes when you install a second dns server for AD, niether the ICS or AD dns servers are aware of each other.
As you are being authed through the ad domain the internet request is passed to the dns server which is integrated into ad, this dns server has no knowledge of the outside world and thus responds with a DNS error.
A real, and i mean real, temporary solution to this is to manually point each client to an external DNS server such as pipex (158.43.240.3, 158.43.240.4) this will enable each client computer to connect to the internet, however internal resolution will become flakey as requests for internal names will be passed first to external dns servers as they are set as primary and secondary DNS.
A real fix to this is to disable ICS and install NAT under Routing and remote access. This should solve the problem as you will no longer have duplicate services running on the same server. Do not install ICS under routing and remote access as this will cause the same problem An added bonus to using NAT within routing and remote access is that you can start it as a service and no longer need to login to your Win2k box to start sharing the internet. Hope this helps, liaryde.

Wow. That thread was begun a looooooooooooooooooong time ago. I'm thinking @ least 3yrs ago. I no longer use dial-up (or ICS, blech), but way to follow up on un-finished threads, liaryde.