Re: Network Topology?
- From: stephen <stephen@xxxxxxxxxxxxxxx>
- Date: Tue, 18 Apr 2006 13:36:27 +0100
Mark wrote:
I have two questions regarding setting up my sbs 2003 network:
1. How do I access my internal companyweb and RWW from a remote location? Do I have to register a Domain Name and have it point to my ISP's DNS, or can I just use the static IP 74.x.x.x/remote, and if so why doesn't it work.
That will most likely work to get to RWW, but if you're registering a domain for your web site then it's more sensible to use that domain name. Companyweb is internal only by default: you'd need to access it through an RWW desktop session or a VPN connection.
2. I also want to use a different ISP to host my company's public web site, say http://mycompany.com, and also access my SBS's companyweb, exchange, and RWW. Should I name my SBS Domain mycompany.local, or will that interfere with my public web site http://mycompany.com?
Yes, name your sbs domain mycompany.local. No, it doesn't interfere with your public website or e-mail - quite the opposite, i.e if you use mycompany.com for the internal SBS domain then you would have to duplicate the real external DNS entries for mycompany.com on the internal SBS DNS).
What to is: register mycompany.com and modify the DNS using your domain agent's control panel (or instruct your agent to modify the DNS) such that:
You have MX records like this (raw DNS zone file format - you may have a nicer interface):
@ IN MX 5 mail.mycomany.com.
@ IN MX 10 backupmx.myisp.com. ;(if available)
And A records like this:
@ IN A 74.x.x.x ;(your sbs server)
mail IN A 74.x.x.x ;(ditto)
www IN A 88.x.x.x ;(your external web site)
If you want the domain A record for mycompany.com to resolve to your external site (so http://mycompany.com/ is equivalent to http://www.mycompany.com/) instead of your sbs server then you can't use https://mycomany.com/remote for RWW.
You have 2 choices:
1/ as above - i.e your external website is www.mycompany.com not http://mycompany.com. You can use mycompany.com for the sbs server's external address.
OR
2/ Set the domain A record to point to the external web site ie
@ IN A 88.x.x.x
and use mail.mycompany.com to refer to the sbs server (ie https://mail.mycompany.com/remote/ for RWW).
(The '@' is called the origin and basically means the base domain name. You can also just use a space on the left hand side instead of '@'. Any name not terminated with a dot in the zone file gets the origin appended so you could also write:
IN MX 5 mail
as the equivalent for the MX record above).
Whatever you choose, create the sbs SSL certificate appropriately, i.e use mail.mycompany.com for option 2 and mycompany.com for option 1.
Personally, I prefer option 1 for end-user simplicity or the third option, which is:
myserver IN A 74.x.x.x.
and use https://myserver.mycompany.com/remote/ for RWW
It doesn't really matter which of the 3 you choose, but there is arguably some security by obscurity (which is really no security at all) in using option 3.
-- stephen
.
- Prev by Date: Re: Still Trying...Very trying
- Next by Date: Re: Repost - Event Sink (notification) - Exchange Public Folder
- Previous by thread: Groups Policy for various screensaver timeouts
- Next by thread: Re: Repost - Event Sink (notification) - Exchange Public Folder
- Index(es):
Relevant Pages
|
