Regarding my issue where various Windows version cant browse the web on either of our two different SME 10.1 servers & networks we operate, I decided to try and simplify the mix to see if I could work out the issue without making ad hoc changes on our production servers.
Steps were as follows:
Downloaded a new version of Koozali SME Server 10.1 from the web site.
Set up a spare machine with 2x 2TB Drives, mirrored pair.
Created a bootable USB stick & installed the new SME 10.1 onto this spare machine.
Set all relevant settings to the same as one of our production servers, so Server – Gateway, no VPN or other add ons were installed.
No Contribs were added at all, so just a totally standard SME install, two NICs, generally taking all default options.
Server operated as Server Gateway, connecting to the internet via Starlink
Initially the new server was not patched, access was then tested but it was not possible for W11 PCs to connect to the Server via the local area network.
The new SME Server was then patched with all recommended updates via Software Update, reconfigured & restarted.
W11 PCs could now connect to the Server via the LAN ok.
PCs running W11 and all other versions of Windows we have could also browse the internet ok.
Started changing settings one by one to match the settings on our production server.
The W11 and other Windows PCs could no longer browse after we changed the DOMAIN from RESOLVE LOCALLY to INTERNET DNS SERVERS. Reversed the change back the default settings, restarted and browsing again worked.
On our Production Server we normally have the DOMAIN set to INTERNET DNS SERVERS as the web addresses are valid actual live web sites which we have to be able to access. We have also tried setting Corporate DNS Settings and pointing these to Google. Same result, Windows PCs could not browse.
So – setting DOMAIN to anything other than RESOLVE LOCALLY stops all Windows PCs from browsing – on a bog standard SME 10.1 installation. We tested Windows 7, Win10 and W11 PCs, sames result with all.
We then changed our Production Servers DOMAIN settings to RESOLVE LOCALLY, retarted all Servers and PCs, all Windows PCs can now browse fine (as can our Linux Workstations). The RESOLVE LOCALLY setting was not required to allow Linux Mint (current version) to browse, these always worked just fine.
I am unsure if the DOMAIN settings issue is actually a fault, or whether its related to some other issue and just makes an apparent fix. Maybe there is something else going on under the hood and the DOMAIN settings change just makes it work for whatever reason !
So at this stage we have our primary problem solved, although it does create an issue for us to access and maintain our external web sites. We did try a VPN connection from a PC to a remote country using ExpressVPN and tried accessing the external web site but the domain address was still captured locally by the SME Server.
Many thanks for the suggestions re this problem, and any further thoughts anyone may have.