Re: New At Network Configuration
- From: "Silom" <nospam@xxxxxxxxxxxxxxx>
- Date: Wed, 24 Jan 2007 18:48:03 +0700
Hi,
May I firstly thank you for your good counsel.
Having worked through your scheme I now understand much better what a monster
I had proposed.
I see that the private IP settings are in essence the same but in one or two
places they are different than before. I have assumed this was because I had
two NICs on the DC. Certainly the elements contained within AD/DN/DHCP all
appear to be working properly and adding a new machine connects without any
problems and its information is broadcast throughout AD/DN/DHCP.
I was thinking of ISA server for the firewall and I have set this up as a
standalone server and joined it to the DC. I have been slowly configuring it
and it communicates with AD on the DC server with no difficulty.
QUESTION:
Am I correct in that I also need to install RRAS on the ISA server computer in
order for internal network clients to access the internet? This they cannot do
at the moment.
If this is correct are there any additional settings that are required over and
above those put in place when the installation wizard is run?
If I am not correct I am sorry but I cannot find settings within the ISA
manager to fix the problem.
Once again many thanks for your kind help and assistance.
"Bill Grant" <not.available@online> wrote in message
news:eu0Pir0PHHA.3668@xxxxxxxxxxxxxxxxxxxxxxx
I agree with Danny. This is much too complex. Using multihomed servers as
domain controllers is bad practice and will cause you problems.
If you want to use a server as a router/firewall for your LAN, do not
make it a domain controller. Use a standalone server (running ISA server
if possible). But this may be overkill for your setup. For testing you
could use RRAS, which comes as part of 2003 R2, as a NAT router. Have you
considered running a hardware firewall instead?
You only need one internal network, and the machines on it only need
one NIC. Only the router/firewall should have an interface in both
networks. eg
Internet
|
public IP
router/firewall
private IP (eg 192.168.31.254) default gateway blank
|
all LAN machines (workstations and servers)
192.168.31.x dg 192.168.31.254
Give the server you want to use as the DC a static IP, then run dcpromo
to set up AD and DNS. When you configure DHCP, set all machines to use the
DC for DNS and the firewall as default gateway (192.168.31.254 in the
example above). Modify the DNS on your DC to forward to a public DNS
server (so that it can resolve foreign URLs as well as local names).
Where you locate the web server is a problem. If you put it on the
"public" network, you will have problems using it or updating it from the
LAN (because it is outside the firewall). A common practice is to have the
web server on the LAN and arrange for public access to it via the
firewall. (That is the remote users connect to the firewall and the
firewall redirects queries to the web server on the LAN).
"Danny Sanders" <DSanders@xxxxxxxxxxxxxxx> wrote in message
news:%23d0TykxPHHA.320@xxxxxxxxxxxxxxxxxxxxxxx
administrative computer and then the Group of
workstations connect via the admin computer to the network
You lost me here.
I really can't follow what you are trying to do.
DDS
"Silom" <nospam@xxxxxxxxxxxxxxx> wrote in message
news:53466EA0-D716-49D8-9E68-0E72073D8D7D@xxxxxxxxxxxxxxxx
Hi All,
I am very new to all of this.
I am using MS Server 2003 R2 etc and so far have tried some very simple
networks all using the same internal network.
Now I would like to start a network where a group of workstations
connect to the network but using a different address.
So there would be a DHCP/DNS/AD/RRAS server, a Web server, a Firewall, an
administrative computer and then the Group of
workstations connect via the admin computer to the network.
Computer 1. two NIC's (one for the internet, one for the local network)
(srv 2003 r2)
Computer 2. a single NIC (web server)
Computer 3. two NIC's (one for the local network and one for the admin
computer) (firewall)
Computer 4. two NIC's (one to connect to admin and the other to the
Group of workstations) (Admin)
Computers 5 - 10 one NIC each
I let the server program configure as a typical first server. OK. Those
computers that reside up to the firewall
(as yet not installed), computers 1 to 3, connect to the network and
also the internet using DHCP/DNS/AD/RRAS as setup.
However, the card in computer 3 that looks to connect to the admin
computer and those which look from the workstations
to the admin computer do not connect to the network.
I have not setup any other configurations except as instructed "To Do
Next" after the initial setup. I am seeing leases
used under DHCP and the same addresses appearing in the FWD Lookup zone
under the domain name.
Can someone assist me in configuring the necessary aspects to help me
rectify the problem?
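The single-LAN layout in Bill Grant's quoted reply can be checked mechanically against a host inventory. The following is an added example, not part of the thread: the /24 mask, the DC address 192.168.31.10, the host names and both inventories are constructed, with ORIGINAL only loosely modelled on the multi-NIC design in the first post.

```python
import ipaddress

LAN = ipaddress.ip_network("192.168.31.0/24")  # /24 assumed; the post only says 192.168.31.x
GATEWAY = "192.168.31.254"                     # firewall's private IP, from the post
DC_IP = "192.168.31.10"                        # constructed address for the DC/DNS server

def audit(hosts):
    """Check a host inventory against the single-LAN layout; return (host, finding) pairs."""
    findings = []
    for host in hosts:
        name, nics = host["name"], host["nics"]
        on_lan = [n for n in nics if ipaddress.ip_address(n["ip"]) in LAN]
        if host["role"] == "firewall":
            if len(nics) != 2 or len(on_lan) != 1:
                findings.append((name, "needs one public and one LAN interface"))
            for n in on_lan:
                if n["ip"] != GATEWAY:
                    findings.append((name, "LAN interface is not the advertised gateway"))
                if n.get("gw"):
                    findings.append((name, "LAN interface must leave default gateway blank"))
            continue
        if len(nics) != 1:
            findings.append((name, "multihomed; only the firewall may have two NICs"))
        for n in nics:
            if n not in on_lan:
                findings.append((name, f"{n['ip']} is outside the internal network"))
            elif n.get("gw") != GATEWAY:
                findings.append((name, "default gateway is not the firewall"))
            elif n.get("dns") != DC_IP:
                findings.append((name, "DNS does not point at the DC"))
    return findings

# Constructed inventories (every address except 192.168.31.254 is made up).
def nic(ip, gw=GATEWAY, dns=DC_IP):
    return {"ip": ip, "gw": gw, "dns": dns}
ORIGINAL = [
    {"name": "dc1", "role": "dc", "nics": [nic("203.0.113.10", gw="203.0.113.1"), nic(DC_IP)]},
    {"name": "admin", "role": "workstation", "nics": [nic("192.168.31.40"), nic("192.168.40.1", gw=None)]},
    {"name": "ws5", "role": "workstation", "nics": [nic("192.168.40.5", gw="192.168.40.1")]},
]
SIMPLIFIED = [
    {"name": "fw", "role": "firewall", "nics": [nic("203.0.113.10", gw="203.0.113.1"), nic(GATEWAY, gw=None)]},
    {"name": "dc1", "role": "dc", "nics": [nic(DC_IP)]},
    {"name": "web", "role": "server", "nics": [nic("192.168.31.20")]},
    {"name": "ws5", "role": "workstation", "nics": [nic("192.168.31.105")]},
]
if __name__ == "__main__":
    for label, inv in (("original", ORIGINAL), ("simplified", SIMPLIFIED)):
        print(label, audit(inv) or "no findings")
```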