Re: Two Nics really needed?

From: Merv Porter [SBS-MVP] (mwport_at_no_spam_hotmail.com)
Date: 12/31/04 

Date: Fri, 31 Dec 2004 13:41:26 -0500

Seems like the T1 router and the PIX can remain unchanged. You'd just put
your external NIC on the SBS in the same subnet as the LAN side of the PIX.
Then the SBS server internal NIC and the workstation NICs plug into the
switch (which is no longer connected to the PIX). I know next to nothing
about Cisco PIX firewall devices, but have you looked at:

Two Nics, a static IP address, ISA, router
http://www.smallbizserver.net/Default.aspx?tabid=52 

-- 
Merv  Porter  [SBS MVP]
===================================
"SBSuser" <anonymous@discussions.microsoft.com> wrote in message
news:0bb501c4ef63$8a028c00$a401280a@phx.gbl...
> OK Merv, that sounds good. Considering my scenario and
> adding the other NIC. How would you rearrange my layout
> keeping the PIX in there? How would you connect the devices
> (sequence)?What changes in configuration?
>
> Thanks
>
>
> >-----Original Message-----
> >Security in layers...  2 NICs are a better insurance
> policy.  If your PIX is
> >breached, your entire LAN is exposed.  If you implemented
> SBS 2000 with 2
> >NICs, you could have ISA running in "integrated
> (firewall) mode" on the
> >server.  This gives you the PIX as the first line of
> defense and ISA on the
> >external NIC as a second line of defense.  Of course,
> there's a learning
> >curve with ISA and the complexity of administering your
> network is
> >marginally increased.  But it all comes down to risk
> assessment.
> >
> >-- 
> >Merv  Porter  [SBS MVP]
> >===================================
> >
> >"SBSuser" <anonymous@discussions.microsoft.com> wrote in
> message
> >news:0b6301c4ef55$7d385940$a401280a@phx.gbl...
> >> I have the following scenario:
> >> T-1 Router - Cisco PIX firewall - Switch - Server and
> >> Workstations
> >> The PIX, server and WS's connect to the Switch.
> >>
> >> The PIX connects EThernet 0 to Internet thru the router
> >> and  connects Ethernet 1(internal) to the Switch
> >>
> >> My boss insists I need to implement two Nic's on the SBS
> >> server. I think we do not need it.
> >>
> >> What's your opinion?
> >>
> >
> >
> >.
> >

Relevant Pages

  • Re: CEICW Network Error
    ... both NICs on SBS should get DNS from the 'internal' SBS NIC. ... The SBS DNS Server service can then be told to use the router or your ISP's DNS Servers as forwarderby submitting such during the CEICW or manual adjustment, OR you can leave the DNS setting blank during CEICW and SBS DNS will resolve using 'root hints'. ...
    (microsoft.public.windows.server.sbs)
  • Re: Install 3 times (triple crown)
    ... [switch (could be built into router)] ... In the above example, the gateway router lan side is on the 192.168.0.x network, as are the wan nics of the SBS boxes. ... built 4 SBS servers with one installation and launched,> which are ...
    (microsoft.public.windows.server.sbs)
  • Re: Setting up wireless in a passthru/bridge mode
    ... then re-run CEICW to configure the SBS server properly (including inputing ... (2 NICs) ... a wired and a wireless. ... Put the wired router between the ...
    (microsoft.public.windows.server.sbs)
  • Re: Install 3 times (triple crown)
    ... I'm not really talking about DHCP on the router, but as you mentioned it - it can be on or off - but it's best practice practice to have your SBS nics on static IP addresses. ... > Current Network ...
    (microsoft.public.windows.server.sbs)
  • Re: How do I configure SBS 2003 as a DHCP server?
    ... Knowledgeable SBS MVPs and others of us have tried hard to help you, ... I don't like the idea of a router between SBS and my modem. ... My network now consists of the modem at the edge facing the Internet. ... > post) for the server indicated that you have 2 NICS and that the ...
    (microsoft.public.windows.server.sbs)