Re: Internet Access / Server Connectivity Setup
From: Jeff Cochran (jeff.nospam_at_zina.com)
Date: 07/23/04
- Next message: Jeff Cochran: "Re: Regarding IIS Service"
- Previous message: Phillip Windell: "Re: bridging"
- In reply to: Steve: "Internet Access / Server Connectivity Setup"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 23 Jul 2004 20:08:46 GMT
On Fri, 23 Jul 2004 00:53:07 -0400, "Steve" <wormuth@hotmail.com>
wrote:
>Good Day,
>
>Since computer hardware (especially used) has become so cheap, I am setting
>up a series of small servers for my home. I am using rack chassis and a
>small 11U frame which I will build using standard rack rails. I am thinking
>of four servers;
>
>Standard Server (DNS, AD Global Catalog, DHCP, WINS)
>File Server (Shares, Files)
>Communications Server (Web, Usenet, Mail, Intranet, FTP)
>Network Support Server (RIS, Etc...)
>
>This should allow me to free up the really good hardware which I can tear
>down and rebuild at will (upgrades for games, etc...), while being anal
>retentive with the servers for the important stuff. We all know the
>benefits of plugging in a new machine and having the user accounts already
>existing, group policy automatically configure the PC, etc...
>
>So the questions...
>
>I need recommendations for a good inexpensive hardware-based firewall
>solution, and advice on setting up the connectivity in the network. I was
>thinking something like this.
>
>All motherboards will have a built-in 10/100 LAN port, and I will install an
>additional LAN card with WOL in each. I was going to buy a 4-port hardware
>router with NAT to connect to the cable modem. I would connect each
>on-board LAN controller to a port on the router so each system has direct
>internet access, and connect the WOL LAN cards to a patch panel for the
>network connectivity.
>
>Is this stupid?
I'd say "ill informed" but I'm in mixed company now.
>Should there be only one access point for the internet?
Yes.
>Will the routers DHCP screw with Windows 2000 Advanced Server?
Yes.
Get a small SOHO firewall. I'm patial to the SonicWalls but there are
several decent makes. The key is a WAN port, LAN port and DMZ port.
Outward-facing systems run off the DMZ port, your internal the LAN
port and the external WAN port is to your internet connection.
Disable the router's DHCP, control it yourself. I would only put the
Communications Server on the DMZ, all else is internal. You want an
external facing DNS on the Com server as well, with your internal DNS
resolving only your internal net and forwarding to the DMZ for the
rest. If you don't have extra public IP's, the firewall should do
your NAT, not the router/broadband connection.
Jeff
- Next message: Jeff Cochran: "Re: Regarding IIS Service"
- Previous message: Phillip Windell: "Re: bridging"
- In reply to: Steve: "Internet Access / Server Connectivity Setup"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
