Re: ISA and Separating Networks

Chris Guimbellot wrote:

Steve,

Thanks for the continued help. A few more questions though.

You need the switch to connect all the "outsides" together to the inside
of the cisco router. Creating network diagrams in ascii can be a little
tricky. <g>

Lets try again (trying with ASCII box characters): 

[DIAGRAM WAS HERE]

Thanks for taking the time to build the diagram. I understand exactly what
you are talking about. The question I have is: we have switches all over the
building and we have never had renters before. That said, when we wired the
building, it was wired such where the main switch was wired to the nearby
computers as well as other swtiches in other places in the building which,
in turn, are wired to the nearby computers. Basically, this is a long
explanation for saying that I do not have two sets of wires (one for us and
one for them). I am thinking that this should not be a problem as long as
the Cisco router, firewall, and SBS (the three elements in the diagram) are
configured correctly. Is this correct. I hope it is, otherwise I have a big
problem.

Your goal was total separation of their network from yours. Thus they need to be on separate switches/hubs, etc.

Assuming that they will be occupying a single area within the building, this should not be difficult to organise.


I am now thinking that the Cisco does not perform the NAT because my SBS has
a public IP. From what I gathered from what you were saying, the external IP
on the SBS signals no NAT. Is that correct. I have enought IPs to make this
happen.

Sounds like it's plain routing. As long as you have more public IPs in the same range, you should be fine.



Any firewall will do, just as long as it supports enough users to cover
their whole network. The SonicWall SOHO sounds fine (subject to user
counts).

I have a 25 user license on the firewall. By the way: why a firewall and not
a router? 

Twofold:

a) their network needs to be protected from the internet, and you, and
b) unless it's a very small network, you probably don't have enough public IPs for all their machines



If everything I assumed is correct, it sounds like all I have to do is plug
that SOHO in, configure it with the external IP with a gateway of the IP of
the Cisco (thats what I did on the SBS), and then configure the lesees PCs
to connect to the SOHO. Does that sound right.


Yup.

--
Steve Foster [SBS MVP]
---------------------------------------
MVPs do not work for Microsoft. Please reply only to the newsgroups.
.

Relevant Pages

  • Re: How to reinstate DC on network with same server name and ID bu
    ... > active DC member on the SBS domain. ... > 192.168.2.x for Win2KS LAN ... > The network diagram was as follows: ... > The network diagram is currently as follows: ...
    (microsoft.public.windows.server.dns)
  • SBS 2003 R2 Standard
    ... I am configuring a new SBS 03 R2 Standard network, ... of RWW from outside of the network. ... connected to a Cisco router. ...
    (microsoft.public.windows.server.sbs)
  • Re: Install 3 times (triple crown)
    ... Build the customer SBS box enabling both nics ... network, as are the wan nics of the SBS boxes. ... how far can you go with the installation? ...
    (microsoft.public.windows.server.sbs)
  • Re: May need to move from SBS because of connection issues
    ... Can you connect from your own SBS server itself to a remote SBS network via ... broadband wireless connection. ...
    (microsoft.public.windows.server.sbs)
  • Re: DHCP Fails on Authorized Server
    ... The DHCP shutdowns may because the SBS detects another DHCP in network. ... How to configure Internet access in Windows Small Business Server 2003 ... On the Connection Type page, click Broadband, and then click Next. ...
    (microsoft.public.windows.server.sbs)