Re: New At Network Configuration
- From: "Bill Grant" <not.available@online>
- Date: Wed, 24 Jan 2007 10:56:09 +1100
I agree with Danny. This is much too complex. Using multihomed servers as
domain controllers is bad practice and will cause you problems.
If you want to use a server as a router/firewall for your LAN, do not
make it a domain controller. Use a standalone server (running ISA server if
possible). But this may be overkill for your setup. For testing you could
use RRAS, which comes as part of 2003 R2, as a NAT router. Have you
considered running a hardware firewall instead?
You only need one internal network, and the machines on it only need one
NIC. Only the router/firewall should have an interface in both networks. eg
Internet
|
public IP
router/firewall
private IP (eg 192.168.31.254) default gateway blank
|
all LAN machines (workstations and servers)
192.168.31.x dg 192.168.31.254
Give the server you want to use as the DC a static IP, then run dcpromo
to set up AD and DNS. When you configure DHCP, set all machines to use the
DC for DNS and the firewall as default gateway (192.168.31.254 in the
example above). Modify the DNS on your DC to forward to a public DNS server
(so that it can resolve foreign URLs as well as local names).
Where you locate the web server is a problem. If you put it on the
"public" network, you will have problems using it or updating it from the
LAN (because it is outside the firewall). A common practice is to have the
web server on the LAN and arrange for public access to it via the firewall.
(That is the remote users connect to the firewall and the firewall redirects
queries to the web server on the LAN).
"Danny Sanders" <DSanders@xxxxxxxxxxxxxxx> wrote in message
news:%23d0TykxPHHA.320@xxxxxxxxxxxxxxxxxxxxxxx
administrative computer and then the Group of
workstaions connect via the admin computer to the network
You lost me here.
I really can't follow what you are trying to do.
DDS
"Silom" <nospam@xxxxxxxxxxxxxxx> wrote in message
news:53466EA0-D716-49D8-9E68-0E72073D8D7D@xxxxxxxxxxxxxxxx
Hi All,
I am very new to all of this.
I am using MS Server 2003 R2 etc and so far have tried some very simple
networks all using the same internal network.
Now I would like to start a network where a group of workstations connect
to the network but using a different address.
So there would be a DHCP/DNS/AD/RRAS server, a Web server,a Firewall, an
administrative computer and then the Group of
workstaions connect via the admin computer to the network.
Computer 1. two NIC's (one for the internet, one for the local network)
(srv 2003 r2)
Computer 2. a single NIC (web server)
Computer 3. two NIC's (one for the local network and one for the admin
computer) (firewall)
Computer 4. two NIC's (one to connect to admin and the other to the Group
of workstations) (Admin)
Computers 5 - 10 one NIC each
I let the server program configure as a typical first server. OK. Those
computers that reside up to the firewall
(as yet not installed), computers 1 to 3, connect to the network and also
the internet using DHCP/DNS/AD/RRAS as setup.
However, The card in computer 3 that looks to connect to the admin
computer and those which look from the workstations
to the admin computer do not connect to the network.
I have not setup any other configurations except as instructed "To Do
Next" after the initial setup. I am seeing leases
used under DHCP and the same addresses appearing in the FWD Lookup zone
under the domain name.
Can some assist me in configuring the necessary aspects to help me
rectify the problem.
.
- Follow-Ups:
- Re: New At Network Configuration
- From: Silom
- Re: New At Network Configuration
- References:
- New At Network Configuration
- From: Silom
- Re: New At Network Configuration
- From: Danny Sanders
- New At Network Configuration
- Prev by Date: Re: IE 6.0, and 7.0 Proxy settings problem.
- Next by Date: Re: 802.1x Authentication Prior to Windows Logon
- Previous by thread: Re: New At Network Configuration
- Next by thread: Re: New At Network Configuration
- Index(es):
Relevant Pages
|
