Re: 1 NIC v. 2 NICS & remote access questions from beginner
- From: Darío Díaz Anzalone <DaroDazAnzalone@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 20 Jul 2005 01:55:10 -0700
Well, if you need to allow file transactions between the internal network and
a remote user I would recommend using a secure VPN. What should you use, the
SBS one or the Symantec router? It depends on the security that each one gives
and the security that you need to achieve. If the router gives you advanced
VPN functionality (L2TP/IPsec) I'll tend to use that, because it will
probably be easier to set up, as you don't have to mess with the open ports in
the router to access the VPN in the SBS.

The A record in the ISP DNS is for the generic server and the MX is for the
mail. I'm not sure of your design and the relationship with your ISP, but I
think that you should use just one public IP set up on the external interface
of the router, and have all DNS records on the ISP DNS point to that IP. To
give public services (mail, OWA, VPN) you should redirect the correct ports in
the firewall for each service to the SBS server.

And the gateway for the internal network is almost always the IP of the
--Internal-- interface of the firewall, not the external.

Hope I resolved something...
Feel free to ask more !!
--
Darío Díaz Anzalone
-----------------------------------
Consultor Redes/Sistemas
CAIP S.L.
-----------------------------------
"Russell DeMarco" wrote:
>
>
> > There are a couple of ways that you could configure your network. Since
> > you're using SBS Standard and not Premium, I'll assume that there is no
> > ISA Server on your network.
> >
> > A typical configuration would be to have your ISP's router connected to
> > your firewall device. [I'll assume that your Symantec router is really
> > your firewall.] The firewall would have a public IP address assigned by
> > the ISP to the WAN port, and it would have a private address
> > (192.168.etc.etc) assigned to its LAN port.
> >
> > The server needs to have only a single NIC on the same subnet as the
> > firewall LAN port. So if the firewall LAN port is at 192.168.0.1, then
> > you could put your server at 192.168.0.2 and your workstations and
> > network printers would follow the pattern.
>
> All of the above is correct.
>
>
> >
> > To access features of the server remotely (such as Outlook Web Access or
> > Remote Web Workplace), you will need to setup port forwarding on the
> > firewall. Examples: port 25 for inbound email, 443 for HTTPS needed for
> > OWA, 4125 needed for Remote Web, etc.
>
> Which one of the above (or sharepoint?) allows our users to access files on
> the server remotely? Is it better to use the router/firewall's VPN?
>
> Here's where I get confused. Our router/firewall (Symantec) has public
> ip...118 attached to its WAN port that's our Gateway, correct? (We have a
> block of 5 IPs.) We then followed SBS directions which stated we need to
> have our ISP point a DNS "A" record to server.domainname.com and we told
> them it'll be public ip...117. I assume this was to access the server
> locally. We also had them point our MX pointer to .117. We're not using
> Exchange YET.
>
> So do I setup the .117 on our server's NIC? Do I port forward to the
> servers private IP?
>
> Thanks again.
>
>
> > ______________________________________
> > Bradley J. Dinerman, MVP - Windows Server Systems
> > President, New England Information Security Group
> > http://www.neisg.org
> >
> > Russell DeMarco wrote:
> > > We have SBS 2003 std that we've been using for a few months now. We now
> > > want to access the server remotely and setup Exchange. We have 1 NIC, do we
> > > need (or is it preferred) 2? The first NIC is a local IP 192..., do we
> > > setup the 2nd NIC with one of our public IPs? Is there something I need to
> > > do in our Symantec router (forward ports or something)? (It's not recognized
> > > by SBS.) Is it better if I use the VPN in the router?
> > >
> > > Thanks.
> > >
> > >
>
>
>
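
The layout discussed in this thread (one public IP on the firewall's WAN port, all DNS records pointing at it, a short list of forwarded ports, clients using the firewall's internal address as gateway) can be checked as a written plan before anything is changed on the router. The following is an added example, not part of the original messages: the `PLAN` structure, the `audit` function and the 203.0.113.x addresses (a documentation range standing in for the ISP block) are assumptions, and the extra forwarded port 3389 is a constructed mistake for the check to catch.

```python
import ipaddress

# Constructed sample plan. Private addresses follow the thread's example;
# "dns" holds the address each record ends up resolving to.
PLAN = {
    "wan_ip": "203.0.113.118",
    "lan_net": "192.168.0.0/24",
    "firewall_lan_ip": "192.168.0.1",
    "server_ip": "192.168.0.2",
    "client_gateway": "192.168.0.1",
    "dns": {"A": "203.0.113.117", "MX": "203.0.113.117"},
    "forwards": {25: "192.168.0.2", 443: "192.168.0.2",
                 4125: "192.168.0.2", 3389: "192.168.0.2"},
}
ALLOWED_PORTS = {25, 443, 4125}  # SMTP, HTTPS for OWA, Remote Web (from the thread)


def audit(plan, allowed=ALLOWED_PORTS):
    """Return a list of findings; an empty list means the plan is consistent."""
    findings = []
    lan = ipaddress.ip_network(plan["lan_net"])
    # Single-NIC design: server and firewall LAN port share one private subnet.
    for name in ("server_ip", "firewall_lan_ip"):
        if ipaddress.ip_address(plan[name]) not in lan:
            findings.append(f"{name} {plan[name]} is outside LAN subnet {lan}")
    # Clients route out through the firewall's internal interface.
    if plan["client_gateway"] != plan["firewall_lan_ip"]:
        findings.append("default gateway is not the firewall's internal interface")
    # Every public DNS record should land on the one WAN address.
    for rtype, target in sorted(plan["dns"].items()):
        if target != plan["wan_ip"]:
            findings.append(f"{rtype} record resolves to {target}, not WAN IP {plan['wan_ip']}")
    # Forward only the agreed ports, and only to the server.
    for port, dest in sorted(plan["forwards"].items()):
        if dest != plan["server_ip"]:
            findings.append(f"port {port} forwards to {dest}, not the server")
        if port not in allowed:
            findings.append(f"port {port} is forwarded but not on the allow list")
    return findings


if __name__ == "__main__":
    for finding in audit(PLAN):
        print("FINDING:", finding)
```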