Re: 2 NICs Configuration Problem

Firstly, nothing is bypassing the firewall - SB2003 server (192.168.16.2) is
behind the firewall on the LAN port (192.168.16.1); The multihome server
(192.168.16.3 internal & 192.168.20.2 external) is behind the firewall on the
DMZ port (192.168.20.1).

The SBS2003 server is physically connected to the LAN switch.
The multihome's internal nic is connected to the switch and its external is
connected to the DMZ port on the firewall.
The switch is connected to the LAN port on the firewall.

Hope this clears things up. Again, no errors, all lan connectivity is good,
just cant get the multihome to get out to the internet on its external nic.
Talked to Sonicwall and they inform me that there is nothing blocking the DMZ
outbound - so it should go.
Thanks
Paul
--
Paul Bockmann


"Bill Grant" wrote:

That all looks pretty dicey to me. Having a server on the LAN which
bypasses the firewall is never a good idea. What is the external NIC on the
multihomed server physically connected to? Is the 192.168.20 network your
DMZ?

"Paul" <paulbockmann@xxxxxxxxxxxxx> wrote in message
news:E0CB6183-B201-4D92-A24D-737A4F1C8857@xxxxxxxxxxxxxxxx
I have seen a number of write-ups on this - good and bad, but none seem to
make my situation work.
So, I have an SBS2003 (no ISA) with 1 nic > switch > Firewall LANport >
Internet as follows:

Host Name . . . . . . . . . . . . : thor
Primary Dns Suffix . . . . . . . : Removersgroup.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : Removersgroup.local

PPP adapter RAS Server (Dial In) Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.19
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Server Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Dual Port
Network Co
nnection
Physical Address. . . . . . . . . : 00-03-47-30-63-68
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.16.1
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2
*******************************************
I would like to add amember server2003 with 2 nics - 1 for Internal >
switch(WSUS, Backup Exec, Aux storage) and 1 for External > Firewall DMZ
port (websites, WSUS updates) as follows:

Host Name . . . . . . . . . . . . : Quigley
Primary Dns Suffix . . . . . . . : Removersgroup.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Removersgroup.local

Ethernet adapter DMZ:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Dual Port
Network Co
nnection
Physical Address. . . . . . . . . : 00-03-47-32-EE-EF
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.20.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.20.1
DNS Servers . . . . . . . . . . . : 192.168.16.2
NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Dual Port
Network Co
nnection #2
Physical Address. . . . . . . . . : 00-03-47-32-EE-EE
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2

Right now I am unable to connect to the internet via the External nic on
the
webserver, although website service runs fine. I can also tie into the
webserver over the LAN with no problems. All in all, everything but the
ability to call out to the internet via the webservers external nic
(192.168.20.2) works great; Unfortunately I would like to have WSUS
updates
follow this path.
I do not have DNS, WINS, or RRAS setup on the member server2003. I am
getting no errors to post here so I am somewhat at a loss - please help.
Thanks
Paul


--
Paul Bockmann



.

Relevant Pages

  • Re: Outgoing POP3 email missing/lost/not received
    ... ISP's mail server instead of the domain name on the ... SUMMARY OF SETTINGS FOR CONFIGURE E-MAIL AND INTERNET ... Internet Connection Wizard. ... After the wizard completes, the following network connection ...
    (microsoft.public.windows.server.sbs)
  • Re: Urgent! New router and big disaster
    ... Anyway the Server Ipconfig /all is this... ... Server Local Area Connection: ... Les Connor [SBS Community Member - SBS MVP] ... First Page of the Internet Connection Wizard, ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN breaks after installing patches
    ... Now I understand that you are using the PPPoE connection and no router is ... a virtual network adapter will be ... 825763 How to configure Internet access in Windows Small Business Server ... Run the Change Server IP Address to change the internal IP address. ...
    (microsoft.public.windows.server.sbs)
  • Re: Urgent! New router and big disaster
    ... I checked the binding order and the Server Local area connection is at the top. ... I should have been more clear about internet connection.. ... I wonder if I may have missed a firewall setting on the router as well. ...
    (microsoft.public.windows.server.sbs)
  • Re: Non-domain connection problem
    ... Ethernet adapter Local Area Connection: ... Connection-specific DNS Suffix. ... I hard coded the DNS server to a known DNS on the internet: ... Again this had no effect on the ability to connect to the internet. ...
    (microsoft.public.windows.server.sbs)
Loading