Re: Setting up wireless in a passthru/bridge mode

Both actually... manually enter the proper settings in the external NIC and
then re-run CEICW to configure the SBS server properly (including inputing
the ISP's DNS Namservers as "forwarders" on the appropriate screen).

CEICW Walkthrough
(2 NICs)
http://www.sbs-rocks.com/sbs2k3/sbs2k3-n2.htm

--
Merv Porter [SBS-MVP]
============================

"Jon" <Jon@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:BD478F0D-3EB9-48D6-BC00-AD6613D928C9@xxxxxxxxxxxxxxxx
Merv and Owen,

Thanks for your fantastic help on this. I have one more, probably dumb
question, but should I run the CECIW to reconfigure the IP addresses for
the
external NIC or can I do this within the adapter itself?

Thanks again for your help!

Jonathan


"Owen Williams [SBS MVP]" wrote:

In article <##Qmx68oHHA.4552@xxxxxxxxxxxxxxxxxxxx>,
mwport@xxxxxxxxxxxxxxxxxxx says...

I'm going to say that the easiest way to accomplish your goal without
changing your Westell setup, is to buy 2 cheap routers (Linksys, DLink,
etc.): a wired and a wireless. Put the wired router between the
Westell and
the second NIC and set up the WAN side of the wire router with the
static
WAN IP from your ISP. Then configure the external NIC on the SBS with
a
static IP address in the same range as the LAN side of the wired
router. In
the wired router configuration, port-forward all required ports (25,
3389,
4125, etc.) to the external SBS NIC. Turn off DHCP on the wired
router.

Then re-run CEICW, enabled the firewall, select your services, complete
the
Web Server Certificate and complete CEICW. After you know that your
workstations and server can get out to the Internet, connect the
Wireless
router to a free port on the wired router and give the WAN side of the
"wireless" router a static IP address in the same range as the LAN side
of
the "wired" router. Then configure the wireless security and DHCP
service.
This will put your wireless router outside of your SBS network, yet
give
those wireless guests Internet access.

IMO, this overcomplicates the configuration given the original poster
just wants to provide guest access with minimal controls other than (I
hope!) some basic security to ensure war drivers don't use the wireless
network.

I would just use a wireless router between the Westell and the SBS
external NIC. Enable DHCP on the router, but configure it to have an
excluded IP range (10 addresses are usually sufficient) and set the SBS
ext. NIC to one of those addresses. Forward all required ports (25,
3389, 4125, etc.) to the external SBS NIC. Configure WPA-PSK security
with a password you change periodically (monthly?) and provide to your
guests.

So, it looks like this:

Internet
|
Westell
|
Wireless Router (WAN: Static WAN IP from ISP; LAN: 192.168.1.1;
DHCP: 192.168.1.11-254)
|
SBS External NIC (192.168.1.2)
|
SBS (DHCP: 192.168.16.x)
|
SBS Internal NIC (192.168.16.2)
|
Switch
|
Workstations (192.168.16.x)

Wireless stations get a DHCP-assigned address in the 192.168.1.x range,
x=11-254.

If the Westell supports all the required functions - including WPA or
WAP2 security, not just WEP - you can re-enable the router function
(take it out of bridge mode), configure it as described, and you don't
even need to purchase a wireless router. [That said, I do like to set
DSL modem/routers to bridge mode so the device is providing only basic
DSL connectivity while the router or firewall appliance I spec performs
the routing and perimeter security functions.]

-- Owen Williams (SBS MVP)



.

Relevant Pages

  • Re: Router/Wireless Install
    ... >> in when you connected to the wireless. ... SBS Standard is just allowing the outbound connection to the Internet ... >> - Best security is WPA2 with IAS authentication. ... > SBS or the router to correct the problem. ...
    (microsoft.public.windows.server.sbs)
  • Re: Networking Question - VLANs on SBS 2003 Premium SP1
    ... DHCP running on the router. ... Set the DHCP on the router, to make a exclusion of IP range. ... you can set the SBS use fix IP by run the CEICW. ... all gust wireless clients will get IP address from DHCP on the ...
    (microsoft.public.windows.server.sbs)
  • Re: CEICW Network Error
    ... both NICs on SBS should get DNS from the 'internal' SBS NIC. ... The SBS DNS Server service can then be told to use the router or your ISP's DNS Servers as forwarderby submitting such during the CEICW or manual adjustment, OR you can leave the DNS setting blank during CEICW and SBS DNS will resolve using 'root hints'. ...
    (microsoft.public.windows.server.sbs)
  • Re: Networking Question - VLANs on SBS 2003 Premium SP1
    ... DHCP running on the router. ... Set the DHCP on the router, to make a exclusion of IP range. ... you can set the SBS use fix IP by run the CEICW. ... all gust wireless clients will get IP address from DHCP on the ...
    (microsoft.public.windows.server.sbs)
  • Re: Connect a Wireless Router to my SBS Network
    ... , the other end into the wireless router, assign the WAN ... Unless you have a good reason against it, I would connect the Airlink ... other end of the cable to the external NIC on your SBS server. ...
    (microsoft.public.windows.server.sbs)
Loading